New Security Tools Target Growing macOS Threats – Dark Reading
A public dataset and platform-agnostic analysis tool aim to help organizations in the fight against Apple-targeted malware, which researchers say has lacked proper attention. – Read More
Dark Reading
Hardened Containers Look to Eliminate Common Source of Vulnerabilities – Dark Reading
A kitchen-sink approach to building containers has loaded many with vulnerabilities. A handful of companies are trying to slim them down. – Read More
150,000 Packages Flood NPM Registry in Token Farming Campaign – Dark Reading
A self-replicating attack led to a tidal wave of malicious packages in the NPM registry, targeting tokens for the tea.xyz protocol. – Read More
Shadow Program Gives AWS Exec New Security Lens – Dark Reading
Sara Duffer highlights the top lessons she brought back to her security role following three years in Amazon’s shadow program. – Read More
Identity Governance and Administration, App Proliferation, and the App Integration Chasm – Dark Reading
Most enterprises use more than 1,000 apps, according to ESG research, yet about half are integrated with IGA. Industry innovations enable teams to expand app coverage and get more IGA…
How CISOs Can Best Work with CEOs and the Board: Lessons from the Field – Dark Reading
To build an effective relationship with the CEO and the Board, CISOs must translate technical risks into business terms and position cybersecurity as a strategic business enabler rather than just…
Orgs Move to SSO, Passkeys to Solve Bad Password Habits – Dark Reading
In 2025, employees are still using weak passwords. Instead of forcing an impossible change, security leaders are working around the problem. – Read More
[Dark Reading Virtual Event] Know Your Enemy: How cybercriminals and nation-state hackers operate – Dark Reading
Post Content – Read More
Coyote, Maverick Banking Trojans Run Rampant in Brazil – Dark Reading
South America’s largest country is notorious for banking malware attacks; Maverick self-terminates if its targeted user is based outside Brazil. – Read More
Kenya Kicks Off ‘Code Nation’ With a Nod to Cybersecurity – Dark Reading
The African country aims to train 1 million workers in tech skills in the short term, with a focus on software engineering, cybersecurity, and data science. – Read More
‘CitrixBleed 2’ Wreaks Havoc as Zero-Day Bug – Dark Reading
The same APT hammered critical bugs in Citrix NetScaler (CVE-2025-5777) and the Cisco Identity Service Engine (CVE-2025-20337) in a sign of growing adversary interest in identity and access management systems.…
Google Looks to Dim ‘Lighthouse’ Phishing-as-a-Service Op – Dark Reading
The phishing kit, run by a group known as the “Smishing Triad,” has powered massive amounts of unpaid tolls and package tracking texts. – Read More
Microsoft Exchange ‘Under Imminent Threat’, Act Now – Dark Reading
Threats against Microsoft Exchange continue to mount, but there are steps both organizations and Microsoft can take. – Read More
Phishing Tool Uses Smart Redirects to Bypass Detection – Dark Reading
A campaign against Microsoft 365 users leverages Quantum Route Redirection, which simplifies previously technical attack steps and has affected victims across 90 countries. – Read More
Patch Now: Microsoft Flags Zero-Day & Critical Zero-Click Bugs – Dark Reading
Security teams may have a less burdensome rollout in November after October’s Goliath Patch Tuesday, but shouldn’t wait on a few top-priority fixes. – Read More