Vulnerabilities & Threats

More Topics
A cup of Nespresso coffee
Cyberattacks & Data Breaches
Nespresso Domain Serves Up Steamy Cup of Phish, No Cream or SugarNespresso Domain Serves Up Steamy Cup of Phish, No Cream or Sugar

An open direct vulnerability in the Nespresso Web domain lets attackers bypass detection as they attempt to steal victims' Microsoft credentials.

byBecky Bracken, Senior Editor, Dark Reading
Apr 22, 2024
|
1 Min Read
Hacker typing on a laptop with a digital overlay
Vulnerabilities & Threats
Where Hackers Find Your Weak SpotsWhere Hackers Find Your Weak Spots
byStu Sjouwerman
Apr 22, 2024
1 Min Read
Two figures draped in US and Chinese flags confronting each other
ICS/OT Security
FBI Director Wray Issues Dire Warning on China's Cybersecurity ThreatFBI Director Wray Issues Dire Warning on China's Cybersecurity Threat
byJai Vijayan, Contributing Writer
Apr 19, 2024
1 Min Read
Dart on target, holding up a piece of paper reading "METRICS"
Cybersecurity Analytics
Rethinking How You Work With Detection and Response MetricsRethinking How You Work With Detection and Response Metrics
byJeffrey Schwartz
Apr 19, 2024
1 Min Read
Spy peering between the bars on American flag
Vulnerabilities & Threats
AI Lowers Barrier for Cyber-Adversary Manipulation in 2024 ElectionAI Lowers Barrier for Cyber-Adversary Manipulation in 2024 Election
byShawn Henry
Apr 19, 2024
1 Min Read
Colorful abstract illustrated design of dots
Vulnerabilities & Threats
'MagicDot' Windows Weakness Allows Unprivileged Rootkit Activity'MagicDot' Windows Weakness Allows Unprivileged Rootkit Activity
byTara Seals, Managing Editor, News, Dark Reading
Apr 19, 2024
1 Min Read
The letters EDR/XDR amid binary code
Application Security
Evil XDR: Researcher Turns Palo Alto Software Into Perfect Malware
Evil XDR: Researcher Turns Palo Alto Software Into Perfect Malware
Apr 19, 2024
|
1 Min Read
byNate Nelson, Contributing Writer
Virtual private network protocol concept illustration
Remote Workforce
Cisco Warns of Massive Surge in Password-Spraying Attacks on VPNs
Cisco Warns of Massive Surge in Password-Spraying Attacks on VPNs
Apr 18, 2024
|
1 Min Read
byJai Vijayan, Contributing Writer
PR Logo
Vulnerabilities & Threats
Auburn's McCrary Institute and Oak Ridge National Laboratory to Partner on Regional Cybersecurity Center
Auburn's McCrary Institute and Oak Ridge National Laboratory to Partner on Regional Cybersecurity Center
Apr 18, 2024
|
1 Min Read
An ICS control panel
ICS/OT Security
ICS Network Controllers Open to Remote Exploit, No Patches Available
ICS Network Controllers Open to Remote Exploit, No Patches Available
Apr 18, 2024
|
1 Min Read
byDark Reading Staff, Dark Reading
Steering wheel and dashboard of a car traveling on a bridge
Cyberattacks & Data Breaches
Russian APT Group Thwarted in Attack on US Automotive Manufacturer
Russian APT Group Thwarted in Attack on US Automotive Manufacturer
Apr 18, 2024
|
1 Min Read
byDark Reading Staff, Dark Reading
"NIST" in white type on a black stripe, over a digital background
Vulnerabilities & Threats
Rebalancing NIST: Why 'Recovery' Can't Stand Alone
Rebalancing NIST: Why 'Recovery' Can't Stand Alone
Apr 18, 2024
|
1 Min Read
byAlex Janas, Field Chief Technology Officer, Commvault
Cones and spools of colorful sewing thread organized by color from red, orange, yellow, blue
Application Security
Sneaky Shellcode: Windows Fibers Offer EDR-Proof Code Execution
Sneaky Shellcode: Windows Fibers Offer EDR-Proof Code Execution
Apr 18, 2024
|
1 Min Read
byTara Seals, Managing Editor, News, Dark Reading
Senior Woman Giving Credit Card Details On a Landline Phone
Vulnerabilities & Threats
Countering Voice Fraud in the Age of AI
Countering Voice Fraud in the Age of AI
Apr 17, 2024
|
1 Min Read
byLaura Wilber, Senior Industry Analyst, Enea
Containers in the cloud concept art
Сloud Security
Active Kubernetes RCE Attack Relies on Known OpenMetadata Vulns
Active Kubernetes RCE Attack Relies on Known OpenMetadata Vulns
Apr 17, 2024
|
1 Min Read
byBecky Bracken, Senior Editor, Dark Reading
The Ivanti logo on a wall
Vulnerabilities & Threats
Ivanti Releases Fixes for More Than 2 Dozen Vulnerabilities
Ivanti Releases Fixes for More Than 2 Dozen Vulnerabilities
Apr 17, 2024
|
1 Min Read
byDark Reading Staff, Dark Reading
The word "botnet" spelled out in white with geometric scaffolding shapes behind it
ICS/OT Security
Various Botnets Pummel Year-Old TP-Link Flaw in IoT Attacks
Various Botnets Pummel Year-Old TP-Link Flaw in IoT Attacks
Apr 17, 2024
|
1 Min Read
byElizabeth Montalbano, Contributing Writer
Russian Main Intelligence Directorate GRU - uniform badge
ICS/OT Security
'Sandworm' Group Is Russia's Primary Cyberattack Unit in Ukraine
'Sandworm' Group Is Russia's Primary Cyberattack Unit in Ukraine
Apr 17, 2024
|
1 Min Read
byJai Vijayan, Contributing Writer
A cockroach crawling on software code
Application Security
Delinea Fixes Flaw, but Only After Analyst Goes Public With Disclosure First
Delinea Fixes Flaw After Analyst Goes Public With Disclosure First
Apr 16, 2024
|
1 Min Read
byBecky Bracken, Senior Editor, Dark Reading
ICS/OT Security
Name That Toon: Last Line of Defense
Name That Toon: Last Line of Defense
Apr 16, 2024
|
1 Min Read
byJohn Klossner, Cartoonist
A Bitcoin in front of a metal background with a red lock and the word "ransomware" across it
Endpoint Security
LockBit 3.0 Variant Generates Custom, Self-Propagating Malware
LockBit 3.0 Variant Generates Custom, Self-Propagating Malware
Apr 16, 2024
|
1 Min Read
byJeffrey Schwartz, Contributing Writer
Toll booth on highway; signs saying "Cash Only" and "EZ-Pass No Cash"
Cyberattacks & Data Breaches
FBI: Smishing Campaign Lures Victims With Unpaid-Toll Notices
FBI: Smishing Campaign Lures Victims With Unpaid-Toll Notices
Apr 16, 2024
|
1 Min Read
byElizabeth Montalbano, Contributing Writer
Palo Alto sign at the entrance to the company's headquarters
Cyberattacks & Data Breaches
Palo Alto Network Issues Hotfixes for Zero-Day Bug in Its Firewall OS
Palo Alto Network Issues Hot Fixes for Zero-Day Bug in Its Firewall OS
Apr 15, 2024
|
1 Min Read
byJai Vijayan, Contributing Writer
Various cryptocurrency coins like Bitcoin spread on top of a wallet
Cyberattacks & Data Breaches
Web3 Game Developers Targeted in Crypto Theft Scheme
Web3 Game Developers Targeted in Crypto Theft Scheme
Apr 15, 2024
|
1 Min Read
byElizabeth Montalbano, Contributing Writer
Coin operated binoculars; blue sky behind it
Vulnerabilities & Threats
Microsoft Wants You to Watch What It Says, Not What It Does
Microsoft Wants You to Watch What It Says, Not What It Does
Apr 15, 2024
|
1 Min Read
bySteve Weber, Professor of the Graduate School, UC Berkeley School of Information
A hooded person holding a magnifying glass to their eye with a bunch of designs and numbers laid over
Vulnerabilities & Threats
CISA's Malware Analysis Platform Could Foster Better Threat Intel
CISA's Malware Analysis Platform Could Foster Better Threat Intel
Apr 12, 2024
|
1 Min Read
byJai Vijayan, Contributing Writer
A hand selecting the Word application in Microsoft Office
Cyberattacks & Data Breaches
CISA Issues Emergency Directive After Midnight Blizzard Microsoft Hits
CISA Issues Emergency Directive After Midnight Blizzard Microsoft Hits
Apr 12, 2024
|
1 Min Read
byKristina Beek, Associate Editor, Dark Reading
Tiles with keyhole icons on a blue background; red arrows indicate an attack
Vulnerabilities & Threats
Critical Infrastructure Security: Observations From the Front Lines
Critical Infrastructure Security: Observations From the Front Lines
Apr 12, 2024
|
1 Min Read
bySean Tufts, Managing Partner for Critical Infrastructure, Optiv
CISA seal
Threat Intelligence
Sisense Password Breach Triggers 'Ominous' CISA Warning
Sisense Password Breach Triggers 'Ominous' CISA Warning
Apr 11, 2024
|
1 Min Read
byBecky Bracken, Senior Editor, Dark Reading
PR Logo
Vulnerabilities & Threats
Cohesity Extends Collaboration to Strengthen Cyber Resilience With IBM Investment in Cohesity
Cohesity Extends Collaboration to Strengthen Cyber Resilience With IBM Investment in Cohesity
Apr 11, 2024
|
1 Min Read
laptop with rust logo
Application Security
Critical Rust Flaw Poses Exploit Threat in Specific Windows Use Cases
Critical Rust Flaw Poses Exploit Threat in Specific Windows Use Cases
Apr 11, 2024
|
1 Min Read
byRobert Lemos, Contributing Writer
North Korea flag with digital code
Vulnerabilities & Threats
DPRK Exploits 2 MITRE Sub-Techniques: Phantom DLL Hijacking, TCC Abuse
DPRK Exploits 2 MITRE Sub-Techniques: Phantom DLL Hijacking, TCC Abuse
Apr 11, 2024
|
1 Min Read
byNate Nelson, Contributing Writer
Green door in the side of a tan brick building
Сloud Security
Expired Redis Service Abused to Use Metasploit Meterpreter Maliciously
Expired Redis Service Abused to Use Metasploit Meterpreter Maliciously
Apr 11, 2024
|
1 Min Read
byElizabeth Montalbano, Contributing Writer
A magnifying glass being held up in front of the apple logo
Vulnerabilities & Threats
Apple Warns Users in 150 Countries of Mercenary Spyware Attacks
Apple Warns Users Targeted by Mercenary Spyware
Apr 11, 2024
|
1 Min Read
byDark Reading Staff, Dark Reading
Check marks on tiles, with a yellow background
Vulnerabilities & Threats
Why MLBOMs Are Useful for Securing the AI/ML Supply Chain
Why MLBOMs Are Useful for Securing the AI/ML Supply Chain
Apr 11, 2024
|
1 Min Read
byDiana Kelley, CISO, Protect AI

Editor's Choice

Binary code in blue and orange colors
Vulnerabilities & Threats
Emerging Threats & Vulnerabilities to Prepare for in 2025Emerging Threats & Vulnerabilities to Prepare for in 2025
byKristina Beek, Associate Editor, Dark Reading
Dec 26, 2024
11 Min Read
Trump signing cybersecurity order creating CISA in 2018
Cybersecurity Operations
Trump 2.0 Portends Big Shift in Cybersecurity PoliciesTrump 2.0 Portends Big Shift in Cybersecurity Policies
byBecky Bracken, Senior Editor, Dark Reading
Dec 24, 2024
7 Min Read
People shaking hands imposed over a photo of China and a globe
Endpoint Security
US Ban on TP-Link Routers More About Politics Than Exploitation RiskTP-Link Router Ban Is Mostly About Politics
byRobert Lemos, Contributing Writer
Dec 20, 2024
6 Min Read
Reports
More Reports
Webinars
More Webinars
White Papers
More Whitepapers
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe