The AI Attack Surface: How Agents Raise the Cyber Stakes – Dark Reading
Researcher shows how agentic AI is vulnerable to hijacking to subvert an agent’s goals and how agent interaction can be altered to compromise whole networks. – Read More
Dark Reading
Cloudflare Blames Outage on Internal Configuration Error – Dark Reading
Initially though to be a DDoS attack, the incident was actually due to a routine change in permissions that caused widespread software failure. – Read More
Critical Railway Braking Systems Open to Tampering – Dark Reading
It only takes recycled cans, copper, and cheap gadgets off the Web to trick a train conductor into doing something dangerous. – Read More
US Creates ‘Strike Force’ to Take Out SE Asian Scam Centers – Dark Reading
The collaborative effort combines multiple federal departments, along with private companies to reduce, if not eliminate, billions lost annually to fraud. – Read More
Cloud Break: IoT Devices Open to Silent Takeover Via Firewalls – Dark Reading
IoT devices can be compromised, thanks to gaps in cloud management interfaces for firewalls and routers, even if they’re protected by security software or not online. – Read More
Can a Global, Decentralized System Save CVE Data? – Dark Reading
As vulnerabilities in the Common Vulnerabilities and Exposures ecosystem pile up, one Black Hat Europe presenter hopes for a global, distributed alternative. – Read More
Iran-Nexus Threat Actor UNC1549 Takes Aim at Aerospace – Dark Reading
Researchers say Israel remains a central focus, with UNC1549 targeting aerospace and defense entities in the US, the UAE, Qatar, Spain, and Saudi Arabia. – Read More
How We Ditched the SaaS Status Quo for Time-Series Telemetry – Dark Reading
Free the logs! Behind the scenes at InfluxData, which turned to its own in-house security monitoring platform, DiSCO, to protect its supply chain after its third-party tool was breached. –…
Malicious Npm Packages Abuse Adspect Cloaking in Crypto Scam – Dark Reading
A malware campaign presents fake websites that can check if a visitor is a potential victim or a security researcher, and then proceed accordingly to defraud or evade. – Read…
Bug Bounty Programs Rise as Key Strategic Security Solutions – Dark Reading
Bug bounty programs create formal channels for organizations to leverage external security expertise, offering researchers legal protection and financial incentives for ethical vulnerability disclosure. – Read More
New Startup Mate Launches With AI-Driven Security Operations Platform – Dark Reading
Security teams can combat alert fatigue, high rates of false positives, and reduce time spent on manual data collection with Mate’s SOC platform, which utilizes AI agents to autonomously investigate…
Critical Fortinet FortiWeb WAF Bug Exploited in the Wild – Dark Reading
The vulnerability could allow an unauthenticated attacker to remotely execute administrative commands. – Read More
US Citizens Plead Guilty to Aiding North Korean IT Worker Campaigns – Dark Reading
Four individuals admitted to assisting foreign IT workers in gaining employment at US companies by providing false identities and remote access to employer-owned laptops. – Read More
Cursor Issue Paves Way for Credential-Stealing Attacks – Dark Reading
Researchers discovered a security weakness in the AI-powered coding tool that allows malicious MCP server to hijack Cursor’s internal browser. – Read More
Akira RaaS Targets Nutanix VMs, Threatens Critical Orgs – Dark Reading
The Akira ransomware group has been experimenting with new tools, bugs, and attack surfaces, with demonstrated success in significant sectors. – Read More