45 New Domains Linked to Salt Typhoon, UNC4841 – Dark Reading
The China-backed threat actors have used the previously undiscovered infrastructure to obtain long-term, stealthy access to targeted organizations. – Read More
Dark Reading
How Has IoT Security Changed Over the Past 5 Years? – Dark Reading
Experts agree there have been subtle improvements, with new laws and applied best practices, but there is still a long way to go. – Read More
Critical SAP S/4HANA Vulnerability Under Attack, Patch Now – Dark Reading
Exploitation of CVE-2025-42957 requires “minimal effort” and can result in a complete compromise of the SAP system and host OS, according to researchers. – Read More
Anyone Using Agentic AI Needs to Understand Toxic Flows – Dark Reading
The biggest vulnerabilities may lie at the boundaries of where the AI agent connects with the enterprise system. – Read More
Secretive MaaS Group ‘TAG-150’ Develops Novel ‘CastleRAT’ – Dark Reading
TAG-150 is running a multifaceted and relatively successful malware-as-a-service operation, without advertising itself on the Dark Web. – Read More
Scammers Are Using Grok to Spread Malicious Links on X – Dark Reading
It’s called “grokking,” and gives spammers a way to skirt X’s ban on links in promoted posts and reach larger audiences than ever before. – Read More
Embracing the Next Generation of Cybersecurity Talent – Dark Reading
Programs like student-run SOCs can expand our cybersecurity workforce and better secure our public and private entities for when, not if, cyberattacks occur. – Read More
Federal Cuts Put Local, State Agencies at Cyber-Risk – Dark Reading
Cyberattackers target local and state agencies, a problem as the Trump administration cuts cybersecurity funds and culls workers at federal security agencies. – Read More
Federal Cuts Put Local, State Agencies at Cyber Risk – Dark Reading
Cyberattackers target local and state agencies, a problem as the Trump administration cuts cybersecurity funds and culls workers at federal security agencies. – Read More
Sitecore Zero-Day Sparks New Round of ViewState Threats – Dark Reading
The vulnerability marks the latest example of threat actors weaponizing exposed ASP.NET machine keys for remote injection and deserialization attacks. – Read More
Bridgestone Americas Confirms Cyberattack – Dark Reading
Reports of disruptions at North American plants emerged earlier this week, though the nature of the attack on the tire manufacturer remains unclear. – Read More
Chinese Hackers Game Google to Boost Gambling Sites – Dark Reading
New threat actor “GhostRedirector” is using a malicious IIS module to inject links that try to artificially boost search engine ranking for target sites. – Read More
ISC2 Aims to Bridge DFIR Skill Gap with New Certificate – Dark Reading
The Nonprofit organization launched the Threat Handling Foundations Certificate amid mounting incident and breach disclosures. – Read More
Phishing Empire Runs Undetected on Google, Cloudflare – Dark Reading
What’s believed to be a global phishing-as-a-service enterprise using cloaking techniques has been riding on public cloud infrastructure for more than 3 years. – Read More
Czech Warning Highlights China Stealing User Data – Dark Reading
Czech cyber agency NÚKIB warned of the risks of using products and software that send data back to China. – Read More