Security News

darkreading Jan 22, 2026 at 00:24

Dark Reading Confidential: Reviving the Hacker Ethos That Built Cybersecurity

Dark Reading Confidential Episode 14: How curious, ethical problem solving can continue to serve as a guiding principle for an evolving cybersecurity sector.

Read Article

darkreading Jan 22, 2026 at 00:24

Dark Reading Confidential: Reviving the Hacker Ethos That Built Cybersecurity

Dark Reading Confidential Episode 14: How curious, ethical problem-solving can continue to serve as a guiding principle for an evolving cybersecurity sector.

Read Article

darkreading Jan 21, 2026 at 23:06

AI Agents Undermine Progress in Browser Security

Web browser companies have put in substantial effort over the past three decades to strengthen the browser security stack against abuses. Agentic browsers are undoing all that work.

Read Article

darkreading Jan 21, 2026 at 22:00

'Contagious Interview' Attack Now Delivers Backdoor Via VS Code

Once trust is granted to the repository's author, a malicious app executes arbitrary commands on the victim's system with no other user interaction.

Read Article

darkreading Jan 21, 2026 at 20:22

Phishing Campaign Zeroes in on LastPass Customers

The bait incudes plausible subject lines and credible messages, most likely thanks to attackers' use of large language models to craft them.

Read Article

darkreading Jan 21, 2026 at 14:48

Complex VoidLink Linux Malware Created by AI

Researchers say the advanced framework was built almost entirely by agents, marking a significant evolution in the use of AI to develop wholly original malware.

Read Article

darkreading Jan 21, 2026 at 14:00

'Damn Vulnerable' Training Apps Leave Vendors' Clouds Exposed

Hackers are already leveraging these over-permissioned programs to access the IT systems of major security vendors.

Read Article

darkreading Jan 20, 2026 at 21:10

'CrashFix' Scam Crashes Browsers, Delivers Malware

The attack consists of a NexShield malicious browser extension, a social engineering technique to crash the browser, and a Python-based RAT.

Read Article

darkreading Jan 20, 2026 at 20:18

Mass Spam Attacks Leverage Zendesk Instances

The CRM vendor advised ignoring or deleting suspicious emails and said the attacks were not tied to any breach or software vulnerability.

Read Article

darkreading Jan 20, 2026 at 18:04

Vulnerabilities Threaten to Break Chainlit AI Framework

Familiar bugs in a popular open source framework for AI chatbots could give attackers dangerous powers in the cloud.

Read Article

darkreading Jan 20, 2026 at 15:52

Google Gemini Flaw Turns Calendar Invites Into Attack Vector

The indirect prompt injection vulnerability allows an attacker to weaponize invites to circumvent Google's privacy controls and access private data.

Read Article

darkreading Jan 20, 2026 at 15:47

Microsoft & Anthropic MCP Servers at Risk of RCE, Cloud Takeovers

Researchers found the popular model context protocol (MCP) servers, which are integral components of AI services, carry serious vulnerabilities.

Read Article

darkreading Jan 19, 2026 at 17:57

ChatGPT Health Raises Big Security, Safety Concerns

ChatGPT Health promises robust data protection, but elements of the rollout raise big questions regarding user security and safety.

Read Article

darkreading Jan 16, 2026 at 21:03

More Problems for Fortinet: Critical FortiSIEM Flaw Exploited

CVE-2025-64155, a command injection vulnerability, was disclosed earlier this week and quickly came under attack from a variety of IP addresses.

Related CVEs: CVE-2025-64155

Read Article

darkreading Jan 16, 2026 at 15:25

CISOs Rise to Prominence: Security Leaders Join the Executive Suite

Security professionals are moving up the executive ranks as enterprises face rising regulatory and compliance standards.

Read Article

darkreading Jan 16, 2026 at 14:00

AI System Reduces Attack Reconstruction Time From Weeks to Hours

Pacific Northwest National Labs' expert cybersecurity system, ALOHA, can recreate attacks and test them against organizations' infrastructure to bolster defense.

Read Article

darkreading Jan 15, 2026 at 21:26

Predator Spyware Sample Indicates 'Vendor-Controlled' C2

Researchers detailed how Intellexa, Predator's owner, uses failed deployments and thwarted infections to strengthen its commercial spyware and generate more effective attacks.

Read Article

darkreading Jan 15, 2026 at 19:10

Winter Olympics Could Share Podium With Cyberattackers

The upcoming Winter Games in the Italian Alps are attracting both hacktivists looking to reach billions of people and state-sponsored cyber-spies targeting the attending glitterati.

Read Article

darkreading Jan 15, 2026 at 15:19

Vulnerabilities Surge, But Messy Reporting Blurs Picture

MITRE loses its lead as the top reporter of vulnerabilities, while new organizations pump out CVEs and reported bugs in WordPress plug-ins surge.

Read Article

darkreading Jan 15, 2026 at 11:00

Trio of Critical Bugs Spotted in Delta Industrial PLCs

Experts disagree on whether the vulnerabilities in a programmable logic controller from Delta are a five-alarm fire or not much to worry over.

Read Article