Max Severity Bug in Apache Roller Enabled Persistent Access – Dark Reading
The remediated flaw gave adversaries a way to maintain access to the app through password resets. – Read More
Dark Reading
With AI’s Help, Bad Bots Are Taking Over the Web – Dark Reading
Bad bots are becoming increasingly difficult to detect as they more easily mimic human behaviors and utilize evasion techniques, researchers say. – Read More
AI-Powered Presentation Tool Leveraged in Phishing Attacks – Dark Reading
Researchers at Abnormal Security said threat actors are using a legitimate presentation and graphic design tool named “Gamma” in phishing attacks. – Read More
Hertz Falls Victim to Cleo Zero-Day Attacks – Dark Reading
Customer data such as birth dates, credit card numbers and driver’s license information were stolen when threat actors exploited zero-day vulnerabilities in Cleo-managed file transfer products. – Read More
Wave of Wine-Inspired Phishing Attacks Targets EU Diplomats – Dark Reading
Russia-backed APT29’s latest campaign once again uses malicious invites to wine-tasting events as its lure, but this time targets a different set of vintages — errr, victims — and delivers…
China-Backed Threat Actor ‘UNC5174’ Using Open Source Tools in Stealthy Attacks – Dark Reading
Sysdig researchers detailed an ongoing campaign from China-backed threat actor UNC5174, which is using open source hacking tools to stay under the radar. – Read More
Are We Prioritizing the Wrong Security Metrics? – Dark Reading
True security isn’t about meeting deadlines — it’s about mitigating risk in a way that aligns with business objectives while protecting against real-world threats. – Read More
AI Code Tools Widely Hallucinate Packages – Dark Reading
The hallucination problem is not just pervasive, it is persistent as well, according to new research. – Read More
Threat Intel Firm Offers Crypto in Exchange for Dark Web Accounts – Dark Reading
Prodaft is currently buying accounts from five Dark Web forums and offers to pay extra for administrator or moderator accounts. The idea is to infiltrate forums to boost its threat…
Fortinet Zero-Day Bug May Lead to Arbitrary Code Execution – Dark Reading
A threat actor posted about the zero-day exploit on the same day that Fortinet published a warning about known vulnerabilities under active exploitation. – Read More
Chinese APTs Exploit EDR ‘Visibility Gap’ for Cyber Espionage – Dark Reading
Blind spots in network visibility, including in firewalls, IoT devices, and the cloud, are being exploited by Chinese state-backed threat actors with increasing success, according to new threat intelligence. Here’s…
A New ‘It RAT’: Stealthy ‘Resolver’ Malware Burrows In – Dark Reading
A new infostealer on the market is making big waves globally, replacing Lumma et al. in attacks and employing so many stealth, persistence, and anti-analysis tricks that it’s downright difficult…
7 RSAC 2025 Cloud Security Sessions You Don’t Want to Miss – Dark Reading
Some of the brightest minds in the industry will discuss how to strengthen cloud security. – Read More
How DigitalOcean Moved Away From Manual Identity Management – Dark Reading
DigitalOcean executives describe how they automated and streamlined many of the identity and access management functions which had been previously handled manually. – Read More
Morocco Investigates Social Security Agency Data Leak – Dark Reading
A threat actor has claimed responsibility for the alleged politically motivated attack and has uploaded the stolen data to a Dark Web forum. – Read More