Vulnerabilities & Threats

More Topics
A still from the famous orgasm scene in "When Harry Met Sally"
Application Security
'RomCom' APT Mounts Zero-Day, Zero-Click Browser Escapes in Firefox, Tor'RomCom' APT Mounts Zero-Day, Zero-Click Browser Escapes

The innocuously named Russian-sponsored cyber threat actor has combined critical and serious vulnerabilities in Windows and Firefox products in a zero-click code execution exploit.

byNate Nelson, Contributing Writer
Nov 26, 2024
|
1 Min Read
Male hand holding a tablet, with a car floating above it; black background
Vulnerabilities & Threats
My Car Knows My Secrets, and I'm (Mostly) OK With ThatMy Car Knows My Secrets, and I'm (Mostly) OK With That
byKyle Hanslovan
Nov 26, 2024
1 Min Read
phishing login credentials financial services FS-ISAC
Cybersecurity Operations
Phishing Prevention Framework Reduces Incidents by HalfPhishing Prevention Framework Cuts Abuse Incidents in Half
byRobert Lemos, Contributing Writer
Nov 25, 2024
1 Min Read
Ransomware crime scene tape
Vulnerabilities & Threats
BlackBasta Ransomware Brand Picks Up Where Conti Left OffBlackBasta Ransomware Brand Picks Up Where Conti Left Off
byBecky Bracken, Senior Editor, Dark Reading
Nov 25, 2024
1 Min Read
Water treatment plant viewed from above
Vulnerabilities & Threats
Leaky Cybersecurity Holes Put Water Systems at RiskLeaky Cybersecurity Holes Put Water Systems at Risk
byRobert Lemos, Contributing Writer
Nov 22, 2024
1 Min Read
Red padlock on top of a shield shape, with circuit board imagery superimposed; background is orange-yellow
Vulnerabilities & Threats
Going Beyond Secure by DemandGoing Beyond Secure by Demand
bySaša Zdjelar
Nov 22, 2024
1 Min Read
Outlines of two figures facing each other, one with the US flag and one with the Chinese flagged superimposed; the figures have circuits for heads
Cyber Risk
China's Cyber Offensives Built in Lockstep With Private Firms, Academia
China's Cyber Offensives Built in Lockstep With Private Firms, Academia
Nov 22, 2024
|
1 Min Read
byJai Vijayan, Contributing Writer
puzzle pieces with combination lock to represent secure coding practices
Application Security
MITRE: Cross-Site Scripting Is 2024's Most Dangerous Software Weakness
MITRE: Cross-Site Scripting Is 2024's Most Dangerous Software Weakness
Nov 21, 2024
|
1 Min Read
byBecky Bracken, Senior Editor, Dark Reading
Microsoft logo on the side of a building
Cybersecurity Operations
Microsoft Takes Action Against Phishing-as-a-Service Platform
Microsoft Takes Action Against Phishing-as-a-Service Platform
Nov 21, 2024
|
1 Min Read
byDark Reading Staff, Dark Reading
Hand reaching from bottom of image, disturbing 1s and 0s
Cyberattacks & Data Breaches
Cybersecurity Is Critical, but Breaches Don't Have to Be Disasters
Cybersecurity Is Critical, but Breaches Don't Have to Be Disasters
Nov 21, 2024
|
1 Min Read
byAkhil Mittal, Senior Manager, Black Duck Software
Flat layout of different Apple products on a gray background
Cyberattacks & Data Breaches
Apple Urgently Patches Actively Exploited Zero-Days
Apple Urgently Patches Actively Exploited Zero-Days
Nov 20, 2024
|
1 Min Read
byDark Reading Staff, Dark Reading
Earth, viewed from space, with cybersecurity symbols floating around it
Vulnerabilities & Threats
Small US Cyber Agencies Are Underfunded & That's a Problem
Small US Cyber Agencies Are Underfunded & That's a Problem
Nov 20, 2024
|
1 Min Read
byMichael Daniel, President & CEO, Cyber Threat Alliance
An artistic portrayal of hell featuring mountains and lakes of fire
Cyberattacks & Data Breaches
Linux Variant of Helldown Ransomware Targets VMware ESXi Systems
Linux Variant of Helldown Ransomware Targets VMware ESXi Systems
Nov 19, 2024
|
1 Min Read
byJai Vijayan, Contributing Writer
Words reading "Penetration test" on a blue screen
Vulnerabilities & Threats
Russian-Speaking Ransomware Gangs on the Hunt for Pen Testers
Russian-Speaking Ransomware Gangs on the Hunt for Pen Testers
Nov 19, 2024
|
1 Min Read
byDark Reading Staff, Dark Reading
PR Logo
Vulnerabilities & Threats
Security Industry Association Announces SIA RISE Scholarship Awardees
Security Industry Association Announces SIA RISE Scholarship Awardees
Nov 18, 2024
|
1 Min Read
PR Logo
Vulnerabilities & Threats
Bugcrowd Names Trey Ford as CISO
Bugcrowd Names Trey Ford as CISO
Nov 18, 2024
|
1 Min Read
Jen Easterly testifies before committee on Homeland Security during a hearing about evolving the US approach to cybersecurity
Vulnerabilities & Threats
Jen Easterly, CISA Director, to Step Down on Inauguration Day
Jen Easterly, CISA Director, to Step Down on Inauguration Day
Nov 18, 2024
|
1 Min Read
byDark Reading Staff, Dark Reading
WordPress logo displayed on mobile device screen next to homepage of WordPress website displayed on laptop screen
Сloud Security
Critical WordPress Plug-in Flaw Exposes 4M Sites to Takeover
Critical WordPress Plug-in Flaw Exposes 4M Sites to Takeover
Nov 18, 2024
|
1 Min Read
byElizabeth Montalbano, Contributing Writer
A group of people holding devices sitting around a bed.
Remote Workforce
Name That Toon: Meeting of Minds
Name That Toon: Meeting of Minds
Nov 18, 2024
|
1 Min Read
byJohn Klossner, Cartoonist
Shadow of hot-air balloon over the Namib desert. Namib-Naukluft Park, Namibia
Cyber Risk
To Map Shadow IT, Follow Citizen Developers
To Map Shadow IT, Follow Citizen Developers
Nov 18, 2024
|
1 Min Read
byMichael Bargury, CTO & Co-Founder, Zenity
Laptop with Palo Alto networks logo
Cyberattacks & Data Breaches
Palo Alto Networks Patches Critical Zero-Day Firewall Bug
Palo Alto Networks Patches Critical Zero-Day Firewall Bug
Nov 18, 2024
|
1 Min Read
byBecky Bracken, Senior Editor, Dark Reading
Department of Homeland Security Logo has an eagle in the middle of the seal
Сloud Security
DHS Releases Secure AI Framework for Critical Infrastructure
DHS Releases Secure AI Framework for Critical Infrastructure
Nov 18, 2024
|
1 Min Read
byDark Reading Staff, Dark Reading
Microsoft logo on a building
Сloud Security
Microsoft Pulls Exchange Patches Amid Mail Flow Issues
Microsoft Pulls Exchange Patches Amid Mail Flow Issues
Nov 15, 2024
|
1 Min Read
byDark Reading Staff, Dark Reading
Signpost reading "THREATS" with a read background
Vulnerabilities & Threats
Combating the Rise of Federally Aimed Malicious Intent
Combating the Rise of Federally Aimed Malicious Intent
Nov 15, 2024
|
1 Min Read
byTony Holmes, Practice Lead, Practice Lead for Solutions Architects in the Public Sector, Pluralsight
A laptop computer on a table displaying PostgreSQL logo
Vulnerabilities & Threats
Varonis Warns of Bug Discovered in PostgreSQL PL/Perl
Varonis Warns of Bug Discovered in PostgreSQL PL/Perl
Nov 14, 2024
|
1 Min Read
byDark Reading Staff, Dark Reading
The words SECURITY ALERT in red on a black screen otherwise filled with blue letters and numbers
Vulnerabilities & Threats
The Vendor's Role in Combating Alert Fatigue
The Vendor's Role in Combating Alert Fatigue
Nov 14, 2024
|
1 Min Read
bySupradeep Bokkasam, Security Engineer
Capitol Building in Washington, DC, against a blue sky
Vulnerabilities & Threats
Washington's Cybersecurity Storm of Complacency
Washington's Cybersecurity Storm of Complacency
Nov 14, 2024
|
1 Min Read
byJeffrey Wells, Visiting Fellow, National Security Institute at George Mason University's Antonin Scalia Law School
A submarine underwater
Cyberattacks & Data Breaches
Toolkit Vastly Expands APT41's Surveillance Powers
Toolkit Vastly Expands APT41's Surveillance Powers
Nov 13, 2024
|
1 Min Read
byJai Vijayan, Contributing Writer
Red ZERO-DAY text amid yellow binary code
Cyberattacks & Data Breaches
Zero-Days Win the Prize for Most Exploited Vulns
Zero-Days Wins the Prize for Most Exploited Vulns
Nov 13, 2024
|
1 Min Read
byDark Reading Staff, Dark Reading
A person's finger about to click on the LinkedIn app on a phone
Cyberattacks & Data Breaches
Iranian Cybercriminals Target Aerospace Workers via LinkedIn
Iranian Cybercriminals Target Aerospace Workers via LinkedIn
Nov 13, 2024
|
1 Min Read
byDark Reading Staff, Dark Reading
The letters "LLM" in grey and purple 3D text on top of a computer component with the words "large language model" underneath in white
Сloud Security
Google AI Platform Bugs Leak Proprietary Enterprise LLMs
Google AI Platform Bugs Leak Proprietary Enterprise LLMs
Nov 13, 2024
|
1 Min Read
byElizabeth Montalbano, Contributing Writer
Computer chip labeled AI, on top of circuit boards
Vulnerabilities & Threats
How CISOs Can Lead the Responsible AI Charge
How CISOs Can Lead the Responsible AI Charge
Nov 13, 2024
|
1 Min Read
byLucas Moody, Chief Information Security Officer, Alteryx
A laptop screen showing a blue screen of death
Сloud Security
2 Zero-Day Bugs in Microsoft's Nov. Update Under Active Exploit
2 Zero-Day Bugs in Microsoft's Nov. Update Under Active Exploit
Nov 12, 2024
|
1 Min Read
byJai Vijayan, Contributing Writer
Amazon.com website viewed on an iPad
Сloud Security
Amazon Employee Data Compromised in MOVEit Breach
Amazon Employee Data Compromised in MOVEit Breach
Nov 12, 2024
|
1 Min Read
byDark Reading Staff, Dark Reading
Mobile device with the GitHub app displayed on the screen
Сloud Security
'GoIssue' Cybercrime Tool Targets GitHub Developers En Masse
'GoIssue' Cybercrime Tool Targets GitHub Developers En Masse
Nov 12, 2024
|
1 Min Read
byElizabeth Montalbano, Contributing Writer

Editor's Choice

Pegasus Spyware concept with binary code background
Endpoint Security
WhatsApp: NSO Group Operates Pegasus Spyware for CustomersWhatsApp: NSO Group Operates Pegasus Spyware for Customers
byJai Vijayan, Contributing Writer
Nov 18, 2024
4 Min Read
Laptop with Palo Alto networks logo
Cyberattacks & Data Breaches
Palo Alto Networks Patches Critical Zero-Day Firewall BugPalo Alto Networks Patches Critical Zero-Day Firewall Bug
byBecky Bracken, Senior Editor, Dark Reading
Nov 18, 2024
3 Min Read
ChatGPT, typed out on a screen
Сloud Security
ChatGPT Exposes Its Instructions, Knowledge & OS FilesChatGPT Exposes Its Instructions, Knowledge & OS Files
byNate Nelson, Contributing Writer
Nov 15, 2024
4 Min Read
Reports
More Reports
Webinars
More Webinars
White Papers
More Whitepapers
Events
More Events
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe