Threat actors are abusing Velociraptor, an open-source digital forensics and incident response (DFIR) tool, in connection with ransomware attacks likely orchestrated by Storm-2603 (aka CL-CRI-1040 or Gold Salem), which is known for deploying the Warlock and LockBit ransomware. The threat actor's use of the security utility was documented by Sophos last month. It's assessed that the attackers
The security company looks to tackle new authentication challenges that could lead to credential leakage, as enterprises increasingly leverage AI browser agents.
Video. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.
RondoDox takes a hit-and-run, shotgun approach to exploiting bugs in consumer edge devices around the world.
The spyware poses as popular apps like TikTok, and may break free of Russian borders at some point, the researchers say. The post Russian spyware ClayRat is spreading, evolving quickly, according to Zimperium appeared first on CyberScoop.
The bill likely won't get far in a GOP-controlled Congress, but proponents described it as part of a broader effort to push back through constitutional institutions. The post Dems introduce bill to halt mass voter roll purges appeared first on CyberScoop.
Ransomware gangs continue to set their sights on the manufacturing industry, but companies are taking steps to protect themselves, starting with implementing timely patch management protocols.
The group warned that law-enforcement crackdowns are imminent in the wake of the takedown, but its extortion threats against Salesforce victims remain active.
The world's largest and most disruptive botnet is now drawing a majority of its firepower from compromised Internet-of-Things (IoT) devices hosted on U.S. Internet providers like AT&T, Comcast and Verizon, new evidence suggests. Experts say the heavy concentration of infected devices at U.S. providers is complicating efforts to limit collateral damage from the botnet's attacks, which shattered previous records this...
In a new wrinkle for adversary tactics, the Storm-2603 threat group is abusing the digital forensics and incident response (DFIR) tool to gain persistent access to victim networks.
Microsoft previewed the Sentinel security graph and MCP server at its annual Microsoft Secure virtual event earlier this month.
The vast majority of organizations are encountering AI-augmented threats yet remain confident in their defenses, despite inadequate investment in detection and despite more than half having suffered successful attacks.
Cybersecurity researchers have disclosed details of an active malware campaign called Stealit that has leveraged Node.js' Single Executable Application (SEA) feature as a way to distribute its payloads. According to Fortinet FortiGuard Labs, select iterations have also employed the open-source Electron framework to deliver the malware. It's assessed that the malware is being propagated through
Other noteworthy stories that might have slipped under the radar: US universities targeted by payroll pirates, Zimbra vulnerability exploited, Mic-E-Mouse attack. The post In Other News: Gladinet Flaw Exploitation, Attacks on ICS Honeypot, ClayRat Spyware appeared first on SecurityWeek.
Dark Reading is looking for leading industry experts with a point of view they want to share with the rest of the cybersecurity community for our new Commentary section.
A threat actor known as Storm-2657 has been observed hijacking employee accounts with the end goal of diverting salary payments to attacker-controlled accounts. "Storm-2657 is actively targeting a range of U.S.-based organizations, particularly employees in sectors like higher education, to gain access to third-party human resources (HR) software as a service (SaaS) platforms like Workday," the
Fortra on Thursday revealed the results of its investigation into CVE-2025-10035, a critical security flaw in GoAnywhere Managed File Transfer (MFT) that's assessed to have come under active exploitation since at least September 11, 2025. The company said it began its investigation on September 11 following a "potential vulnerability" reported by a customer, uncovering "potentially suspicious
AI agents are now hacking computers. They're getting better at all phases of cyberattacks, faster than most of us expected. They can chain together different aspects of a cyber operation, and hack autonomously, at computer speeds and scale. This is going to change everything. Over the summer, hackers proved the concept, industry institutionalized it, and criminals operationalized it. In June, AI company XBOW took the...
The SOC of 2026 will no longer be a human-only battlefield. As organizations scale and threats evolve in sophistication and velocity, a new generation of AI-powered agents is reshaping how Security Operations Centers (SOCs) detect, respond, and adapt. But not all AI SOC platforms are created equal. From prompt-dependent copilots to autonomous, multi-agent systems, the current market offers
Cybersecurity researchers have flagged a new set of 175 malicious packages on the npm registry that have been used to facilitate credential harvesting attacks as part of an unusual campaign. The packages have been collectively downloaded 26,000 times, acting as an infrastructure for a widespread phishing campaign codenamed Beamglea targeting more than 135 industrial, technology, and energy
Patches were rolled out for more than 200 vulnerabilities in Junos Space and Junos Space Security Director, including nine critical-severity flaws. The post Juniper Networks Patches Critical Junos Space Vulnerabilities appeared first on SecurityWeek.
Cybersecurity company Huntress said it has observed active in-the-wild exploitation of an unpatched security flaw impacting Gladinet CentreStack and TrioFox products. The zero-day vulnerability, tracked as CVE-2025-11371 (CVSS score: 6.1), is an unauthenticated local file inclusion bug that allows unintended disclosure of system files. It impacts all versions of the software prior to and
Google researchers believe exploitation may have started as early as July 10 and the campaign hit dozens of organizations. The post Sophisticated Malware Deployed in Oracle EBS Zero-Day Attacks appeared first on SecurityWeek.
Dozens of organizations may have been impacted following the zero-day exploitation of a security flaw in Oracle's E-Business Suite (EBS) software since August 9, 2025, Google Threat Intelligence Group (GTIG) and Mandiant said in a new report released Thursday. "We're still assessing the scope of this incident, but we believe it affected dozens of organizations," John Hultquist, chief analyst of
The security vendor's customers have confronted a barrage of actively exploited defects since 2021. The brute-force attack on a company-controlled system underscores broader security pitfalls. The post SonicWall admits attacker accessed all customer firewall configurations stored on cloud portal appeared first on CyberScoop.
While GitHub has advanced protections for its built-in AI agent, a researcher came up with a creative proof-of-concept (PoC) attack for exfiltrating code and secrets via Copilot.
SonicWall said a breach it disclosed last month affected firewall configuration files for all customers who have used SonicWall's cloud backup service, up from its previous 5% estimate.
A China-aligned threat actor codenamed UTA0388 has been attributed to a series of spear-phishing campaigns targeting North America, Asia, and Europe that are designed to deliver a Go-based implant known as GOVERSHELL. "The initially observed campaigns were tailored to the targets, and the messages purported to be sent by senior researchers and analysts from legitimate-sounding, completely
A new bill renames the Cybersecurity Information Sharing Act of 2015 and would make its legal protections retroactive after its lapse. The post Sen. Peters tries another approach to extend expired cyber threat information-sharing law appeared first on CyberScoop.
Researchers said malicious activity dates back to early July and active exploitation was observed two months ago. The post Dozens of Oracle customers impacted by Clop data theft for extortion campaign appeared first on CyberScoop.
Marshall Erwin shares how crisis leadership shaped his path from CIA analyst to the US Congress to protecting global Web traffic at Fastly.
A rapidly evolving Android spyware campaign called ClayRat has targeted users in Russia through a mix of Telegram channels and lookalike phishing websites that impersonate popular apps like WhatsApp, Google Photos, TikTok, and YouTube to lure victims into installing it. "Once active, the spyware can exfiltrate SMS messages, call logs, notifications, and device information; taking photos with the front
Transcription applications are joining your online meetings. Here's how to create policies for ensuring compliance and security of your information.