‘K2 Think’ AI Model Jailbroken Mere Hours After Release – Dark Reading
Researchers discovered that measures designed to make AI more transparent to users and regulators can also make it easier for bad actors to abuse. – Read More
Dark Reading
Students Pose Inside Threat to Education Sector – Dark Reading
The threats may not be malicious, but they are more than many security teams can handle. – Read More
Chinese Hackers Allegedly Pose as US Lawmaker – Dark Reading
Chinese state-backed threat actors are suspected of posing as Michigan congressman John Moolenaar in a series of spearphishing attacks. – Read More
The Quiet Revolution in Kubernetes Security – Dark Reading
As Kubernetes becomes the foundation of enterprise infrastructure, the underlying operating system must evolve alongside it. – Read More
Dormant macOS Backdoor ChillyHell Resurfaces – Dark Reading
With multiple persistence mechanisms, the modular malware can brute-force passwords, drop payloads, and communicate over different protocols. – Read More
Southeast Asian Scam Centers Face More Financial Sanctions – Dark Reading
Firms cooperating with cybercrime syndicates in Burma and Cambodia face sanctions by the US government and enforcement actions by China, but the scams continue to grow. – Read More
EoP Flaws Again Lead Microsoft Patch Day – Dark Reading
Nearly half the CVEs Microsoft disclosed in its September security update, including one publicly known bug, enable escalation of privileges. – Read More
Is the Browser Becoming the New Endpoint? – Dark Reading
While the jury is still out on whether the browser is the new endpoint, it’s clear that use has skyrocketed and security needs to align. – Read More
Qantas Reduces Executive Pay Following Cyberattack – Dark Reading
The data breach, which occurred earlier this year, saw threat actors compromise a third-party platform to obtain Qantas customers’ personal information. – Read More
Huge NPM Supply-Chain Attack Goes Out With Whimper – Dark Reading
Threat actors phished Qix’s NPM account, then used their access to publish poisoned versions of 18 popular open-source packages accounting for more than 2 billion weekly downloads. – Read More
Salty2FA Takes Phishing Kits to Enterprise Level – Dark Reading
Cybercriminal operations use the same strategy and planning as legitimate organizations as they arm adversarial phishing kits with advanced features. – Read More
SentinelOne Announces Plans to Acquire Observo AI – Dark Reading
The combined company will help customers separate data ingestion from SIEM, to improve detection and performance. – Read More
‘MostereRAT’ Malware Blends In, Blocks Security Tools – Dark Reading
A threat actor is using a sophisticated EDR-killing malware tool in a campaign to maintain long-term, persistent access on Windows systems. – Read More
Salesloft Breached via GitHub Account Compromise – Dark Reading
The breach kickstarted a massive supply chain attack that led to the compromise of hundreds of Salesforce instances through stolen OAuth tokens. – Read More
The Critical Failure in Vulnerability Management – Dark Reading
Organizations are seeking assistance to fix critical vulnerabilities. Solutions that orchestrate and automate network device protection put us on the right path. – Read More