darkreading
Aug 01, 2026 at 11:00
Latest cybersecurity news from CISA, Krebs on Security, and other trusted sources
Voluminous patch updates could soon be the norm, as artificial intelligence accelerates the speed and scale of vulnerability discovery.
"Ghost-Sender" uses Exchange Online or on-premises in hybrid mode with a third-party mail server or spam filter to achieve this level of spoofing.
The attacks stemmed from a GitHub account that was also compromised in a previous Miasmi attack on Microsoft last month.
Two separate campaigns target CVE-2025-8088, fixed last July, to conduct data theft and cyberespionage against military and government targets in Ukraine.
The financially motivated group is combining vishing, IT impersonation, and in-person office intrusions to steal data and extort victims.
A newly discovered, critical zero-day vulnerability is under attack; a Qilin ransomware affiliate has been blamed for at least one incident.
An extension of the Geneva Conventions could impose restrictions on cyberwarfare under ceasefire conditions and close a major loophole in international conflict.
The latest attacks, which hit 37 PyPI wheels and 19 code packages, show a continued evolution of the persistent software supply chain threat.
Threat actors are taking advantage of Internet-exposed tank gauges by breaching gas stations, opening the door to disruption.
AI worms, or "viruses with wings and brains," adapt to new environments, seek out vulnerabilities, and will likely strike within a year, researchers say.
The White House's executive order establishes voluntary framework for early government access to frontier models while investing in federal security.
Like Shai-Hulud, the campaign targets developers to steal credentials and reuses them to propagate across the software supply channel.
One of the world's most diverse, least-focused cybercrime groups is enlarging its footprint beyond East Asia.
Gartner analysts issued a call to action to bolster defenses against several emerging critical threats, such as deepfakes and prompt injections.
Organizations are growing serious about what nationβs rules apply to their data. Experts point to geopolitical tensions as a main contributing factor.
Despite broadly connected digital infrastructure, standard fare TTPs are enough to cause trouble for Afghanistan's porous cybersecurity.
Python scripts were used to test malware against endpoint detection and response agents from Sophos, CrowdStrike, and Windows Defender.
This feed aggregates the latest cybersecurity news from trusted sources to help you stay informed about emerging threats, vulnerabilities, and security trends.