Fortinet Issues Emergency Patch for FortiClient Zero-Day – Dark Reading
The authentication bypass flaw, tracked as CVE-2026-35616, is the latest in a series of Fortinet vulnerabilities that have been exploited in the wild. – Read More
Dark Reading
Automated Credential Harvesting Campaign Exploits React2Shell Flaw – Dark Reading
An emerging threat cluster tracked as UAT-10608 is exploiting vulnerable Web-exposed Next.js apps and using an automated tool to exfiltrate credentials, secrets, and other system data. – Read More
Shadow AI in Healthcare is Here to Stay – Dark Reading
Medical professionals are not going to stop using AI tools to manage growing workloads. Organizations should prioritize bolstering security protocols to limit their blast radius. – Read More
OWASP GenAI Security Project Gets Update, New Tools Matrix – Dark Reading
In recognition of 21 generative AI risks, the standards groups recommends that companies take separate but linked approaches to defending GenAI and agentic AI systems. – Read More
Inconsistent Privacy Labels Don’t Tell Users What They Are Getting – Dark Reading
Data privacy labels are a great idea for mobile apps, but the current versions just aren’t good enough. – Read More
Apple Breaks Precedent, Patches DarkSword for iOS 18 – Dark Reading
Even organizations with users unwilling or unable to adopt iOS 26 can now protect themselves from a severe, OSS mobile cracking tool. – Read More
Blast Radius of TeamPCP Attacks Expands Amid Hacker Infighting – Dark Reading
As organizations disclose breaches tied to TeamPCP’s supply chain attacks, ShinyHunters and Lapsus$ are getting involved, taking credit, and creating a murky situation for enterprises. – Read More
Picking Up ‘Skull Vibrations’? Could Be XR Headset Authentication – Dark Reading
“Skull vibration harmonics generated by vital signs” can be used to sign in to VR, AR, and MR headsets, according to emerging research. – Read More
Source Code Leaks Highlight Lack of Supply Chain Oversight – Dark Reading
Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer. – Read More
Chainguard Unveils Factory 2.0 to Automate Hardening the Software Supply Chain – Dark Reading
The rebuilt Chainguard platform adds deeper security designed to continuously reconcile open-source artifacts across containers, libraries, Actions and skills. – Read More
CrowdStrike Next-Gen SIEM Can Now Ingest Microsoft Defender Telemetry – Dark Reading
Once CrowdStrike’s nemesis, Microsoft is now a collaborator. A shared interest in Formula 1 helped thaw the years-long fierce rivalry. – Read More
Geopolitics, AI, and Cybersecurity: Insights From RSAC 2026 – Dark Reading
AI-driven threats, global leadership shifts, and the future of cybersecurity in a rapidly evolving landscape were among the discussions at RSAC 2026 Conference. – Read More
Not Toying Around: Hasbro Attack May Take ‘Weeks’ to Remediate – Dark Reading
The company’s 8-K filing notes “unauthorized access” and that it’s activated business continuity plans and taken some systems offline. – Read More
Security Bosses Are All-In on AI. Here’s Why – Dark Reading
CISOs are bullish on AI and have big plans to roll out future tools. We talk to Reddit CISO Frederick Lee and leading analyst Dave Gruber about how AI is…
RSAC 2026: AI Dominates, But Community Remains Key to Security – Dark Reading
As AI took center stage at this year’s conference, experts debated automation, oversight and the evolving role of human intelligence in cybersecurity — despite the US government’s notable absence. –…