‘Dark LLMs’ Aid Petty Criminals, But Underwhelm Technically – Dark Reading
As in the wider world, AI is not quite living up to the hype in the cyber underground. But it’s definitely helping low-level cybercriminals do competent work. – Read More
Dark Reading
Prompt Injections Loom Large Over ChatGPT’s Atlas Browser – Dark Reading
It’s the law of unintended consequences: equipping browsers with agentic AI opens the door to an exponential volume of prompt injections. – Read More
How Malware Authors Are Incorporating LLMs to Evade Detection – Dark Reading
Cyberattackers are integrating large language models (LLMs) into the malware, running prompts at runtime to evade detection and augment their code on demand. – Read More
Enterprises Aren’t Confident They Can Secure Non-Human Identities (NHIs) – Dark Reading
More than half of organizations surveyed aren’t sure they can secure non-human identities (NHIs), underscoring the lag between the rollout of these identities and the tools to protect them. –…
Iran Exploits Cyber Domain to Aid Kinetic Strikes – Dark Reading
The country deploys “cyber-enabled kinetic targeting” prior to — and following — real-world missile attacks against ships and land-based targets. – Read More
Advanced Security Isn’t Stopping Ancient Phishing Tactics – Dark Reading
New research reveals that sophisticated phishing attacks consistently bypass traditional enterprise security measures. – Read More
Cheap Hardware Module Bypasses AMD, Intel Memory Encryption – Dark Reading
Researchers built an inexpensive device that circumvents chipmakers’ confidential computing protections and reveals weaknesses in scalable memory encryption. – Read More
DPRK’s FlexibleFerret Tightens macOS Grip – Dark Reading
The actor behind the “Contagious Interview” campaign is continuing to refine its tactics and social engineering scams to wrest credentials from macOS users. – Read More
With Friends Like These: China Spies on Russian IT Orgs – Dark Reading
State-linked hackers stayed under the radar by using a variety of commercial cloud services for command-and-control communications. – Read More
As Gen Z Enters Cybersecurity, Jury Is Out on AI’s Impact – Dark Reading
Despite possibly supplanting some young analysts, one Gen Z cybersecurity specialist sees AI helping teach those willing to learn and removing drudge work. – Read More
‘JackFix’ Attack Circumvents ClickFix Mitigations – Dark Reading
A new ClickFix variant ratchets up the psychological pressure to 100 and addresses some technical mitigations to classic ClickFix attacks. – Read More
ShadowRay 2.0 Turns AI Clusters into Crypto Botnets – Dark Reading
A threat actor is leveraging a flaw in the Ray framework to hijack AI infrastructure worldwide and distribute a self-propagating cryptomining and data theft botnet. – Read More
Critical Flaw in Oracle Identity Manager Under Exploitation – Dark Reading
The exploitation of CVE-2025-61757 follows a breach of Oracle Cloud earlier this year as well as a recent extortion campaign targeting Oracle E-Business Suite customers. – Read More
Infamous Shai-hulud Worm Resurfaces From the Depths – Dark Reading
This campaign introduces a new variant that executes malicious code during preinstall, significantly increasing potential exposure in build and runtime environments, researchers said. – Read More
Vision Language Models Keep an Eye on Physical Security – Dark Reading
Advancements in vision language models expanded models reasoning capabilities to help protect employee safety. – Read More