Money Mules Require Banks to Switch from Defense to Offense – Dark Reading
Financial institutions need to be proactive when identifying and mentally preventing fraudulent activity. Here’s what to watch f for . – Read More
Dark Reading
Encouraging Industry Voices to Write for the Commentary Section – Dark Reading
Dark Reading will continue to publish Tech Talks and Ask the Expert pieces in the Commentary section. Read on for submission guidelines. – Read More
Attackers Exploited Gogs Zero-Day Flaw for Months – Dark Reading
Wiz disclosed a still-unpatched vulnerability in self-hosted Git service Gogs, which is a bypass for a previous RCE bug disclosed last year. – Read More
AI in OT Sparks Cascade of Complex Challenges – Dark Reading
Using artificial intelligence in operational technology environments could be a bumpy ride full of trust issues and security challenges. – Read More
Copilot’s No-Code AI Agents Liable to Leak Company Data – Dark Reading
Microsoft puts the power of AI in the hands of everyday non-technical Joes. It’s a nice idea, and a surefire recipe for security issues. – Read More
Storm-0249 Abuses EDR Processes in Stealthy Attacks – Dark Reading
The initial access broker has been weaponizing endpoint detection and response (EDR) platforms and Windows utilities in recent high-precision attacks. – Read More
ClickFix Style Attack Uses Grok, ChatGPT for Malware Delivery – Dark Reading
A new twist on the social engineering tactic is making waves, combining SEO poisoning and legitimate AI domains to install malware on victims’ computers. – Read More
Feds: Pro-Russia Hactivists Target US Critical Infrastructure – Dark Reading
So far the attacks, which compromise virtual network computing (VNC) connections in OT systems, have not been particularly destructive, but this could change as they evolve. – Read More
Japanese Firms Suffer Long Tail of Ransomware Damage – Dark Reading
Ransomware actors have targeted manufacturers, retailers, and the Japanese government, with many organizations requiring months to recover. – Read More
Microsoft Fixes Exploited Zero Day in Light Patch Tuesday – Dark Reading
Proof-of-concept exploit code is publicly available for two other flaws in this month’s Patch Tuesday. In total, the company issued patches for more than 1,150 flaws this year. – Read…
Packer-as-a-Service Shanya Hides Ransomware, Kills EDR – Dark Reading
Shanya is the latest in an emerging field of packing malware, selling obfuscation functionality in order to help ransomware actors reach their target. – Read More
Analysts Warn of Cybersecurity Risks in Humanoid Robots – Dark Reading
Think “Blade Runner,” but the robots can be hacked more easily than your home computer. – Read More
Gemini Enterprise No-Click Flaw Exposes Sensitive Data – Dark Reading
Google has fixed a critical vulnerability that enabled attackers to add malicious instructions to common documents to exfiltrate sensitive corporate information. – Read More
Apache Issues Max-Severity Tika CVE After Patch Miss – Dark Reading
The Apache Software Foundation’s earlier fix for a critical Tika flaw missed the full scope of the vulnerability, prompting an updated advisory and CVE. – Read More
Exploitation Activity Ramps Up Against React2Shell – Dark Reading
Attacks against CVE-2025-55182, which began almost immediately after public disclosure last week, have increased as more threat actors take advantage of the flaw. – Read More