‘Operation RoundPress’ Targets Ukraine in XSS Webmail Attacks – Dark Reading
A cyber-espionage campaign is targeting Ukrainian government entities with a series of sophisticated spear-phishing attacks that exploit XSS vulnerabilities. – Read More
Dark Reading
S. Dakota CIO Gottumukkala Signs on as CISA Deputy Director – Dark Reading
The addition is an important hire for the No. 2 position at the cyber agency. The main director role remains unfilled post-Easterly, with Bridget Bean taking over acting duties for…
Legal Aid Agency Warns Lawyers, Defendants on Data Breach – Dark Reading
The online service has since been shut down as the agency grapples with the cyberattack, though it assures the public that those most in need of legal assistance will still…
CVE Disruption Threatens Foundations of Defensive Security – Dark Reading
If the Common Vulnerabilities and Exposures system continues to face uncertainty, the repercussions will build slowly, and eventually the cracks will become harder to contain. – Read More
CVE Disruption Threatens Foundations of Defensive Security – Dark Reading
If the Common Vulnerabilities and Exposures system continues to face uncertainty, the repercussions will build slowly, and eventually the cracks will become harder to contain. – Read More
Coinbase Extorted, Offers $20M for Info on Its Hackers – Dark Reading
Coinbase is going Liam Neeson on its attackers, potentially setting a new precedent for incident response in the wake of crypto- and blockchain-targeting cyberattacks. – Read More
Australian Human Rights Commission Leaks Docs in Data Breach – Dark Reading
An internal error led to public disclosure of reams of sensitive data that could be co-opted for follow-on cyberattacks. – Read More
Dynamic DNS Emerges as Go-to Cyberattack Facilitator – Dark Reading
Scattered Spider and other phishers and hacking groups are using rentable subdomains from dynamic DNS providers to obfuscate their activity and impersonate well-known brands. – Read More
Attacker Specialization Puts Threat Modeling on Defensive – Dark Reading
Specialization among threat groups poses challenges for defenders, who now must distinguish between different actors responsible for different facets of an attack. – Read More
How to Develop and Communicate Metrics for CSIRPs – Dark Reading
A well-documented cybersecurity incident response program (CSIRP) provides the transparency needed for informed decision-making, protecting the organization in a constantly changing threat environment. – Read More
Turkish APT Exploits Chat App Zero-Day to Spy on Iraqi Kurds – Dark Reading
Even after their zero-day turned into an n-day, attackers known as Marbled Dust or Sea Turtle continued to spy on military targets that had failed to patch Output Messenger. –…
Big Steelmaker Halts Operations After Cyber Incident – Dark Reading
Nucor made it clear its investigation is still in the early stages and didn’t specify the nature or scope of the breach, nor who the threat actor might be. –…
Valarian Unveils Data Management Platform Designed for Government Use – Dark Reading
The startup, which previously launched the Acra platform, aims to address data management issues by isolating and compartmentalizing access to reduce fallout from system compromises. – Read More
International Crime Rings Defraud US Gov’t Out of Billions – Dark Reading
Fraudsters worldwide apply for money from the US government using stolen and forged identities, making off with hundreds of billions of dollars annually. – Read More
Attackers Target Samsung MagicINFO Server Bug, Patch Now – Dark Reading
CVE-2025-4632, a patch bypass for a Samsung MagicInfo 9 Server vulnerability disclosed last year, has been exploited by threat actors in the wild. – Read More