Microsoft Starts 2026 With a Bang: A Freshly Exploited Zero-Day – Dark Reading
The vendor’s first Patch Tuesday of the year also contains fixes for 112 CVEs, nearly double the amount from last month.
Attackers use a sophisticated delivery mechanism of text-only files for RAT deployment, showcasing a clever way to bypass defensive tools and rely on the target’s own utilities.
The phishing campaign shows how attackers continue to weaponize legitimate cloud services and open source tools to evade detection and gain trust.
Massive data dump reveals real identities and details of administrators and members of the notorious hacker forum.
Researchers detailed a souped-up version of the GoBruteforcer botnet that preys on servers with weak credentials and AI-generated configurations.
No matter what new laws or regulations make the cut for 2026, it’s clear that compliance challenges will persist and federal legislation will be limited.
A state-sponsored threat group tracked as “Kimsuky” sent QR-code-filled phishing emails to US and foreign government agencies, NGOs, and academic institutions.
A total of 91,403 sessions targeted public LLM endpoints to find leaks in organizations’ use of AI and map an expanding attack surface.
Deepfakes are becoming more realistic and more popular. Luckily, defenders are still ahead in the arms race.
Cybercriminal cryptocurrency transactions totaled billions in 2025, with activity from sanctioned countries like Russia and Iran causing the largest jump.
“Fancy Bear” relies on basic techniques that are highly effective, often delivering greater ROI than more complex malware-heavy operations.
The CrowdStrike-SGNL deal underscores how identity security has become a critical component of enterprise cybersecurity as companies add cloud services and deploy AI-driven tools.
Exploitation of CVE-2025-37164 can enable remote code execution on HPE’s IT infrastructure management platform, leading to devastating consequences.
Threat actors ripped off a legitimate AI-powered Chrome extension in order to harvest ChatGPT and DeepSeek data before sending it to a C2 server.