darkreading

Scammers set up call centers in luxury rentals to run bank help-desk fraud, as well as large-scale phishing campaigns, across at least 10 European countries, according to law enforcement.

Researchers demonstrate a proof-of-concept cyberattack vector that gets around remote, on-premises, and local versions of browser isolation security technology to send malicious communications from an attacker-controlled server.

More than 4% of US attempted e-commerce transactions between Thanksgiving and Cyber Monday suspected to be fraudulent.

Using different parts of our brains gives us different perspectives on the world around us and new approaches to the problems we face in security.

Vanir automates the process of scanning source code to identify missing security patches.

We can anticipate a growing number of emerging vulnerabilities in the near future, emphasizing the need for an effective prioritization strategy.

An FBI operation nabbed a member of the infamous cybercrime group, who is spilling the tea on "key Scattered Spider members" and their tactics.

The activity-recording capability has drawn concerns from the security community and privacy experts, but the tech giant is being measured in its gradual rollout, which is still in preview mode.

The cybersecurity industry faces a growing crisis in attracting and retaining SOC analysts.

The "Census of Free and Open Source Software" report, which identifies the most critical software projects, sees more cloud infrastructure and Python software designated as critical software components.

New Fortress Information Security research shows 90% of software products used by critical infrastructure organizations contain code developed in China.

Researchers testing generative AI systems can use prompt injection, re-register after being banned, and bypass rate limits without running afoul of copyright law.

Cloudflare Tunnels is just the latest legitimate cloud service that cybercriminals and state-sponsored threat actors are abusing to hide their tracks.

A single barrier prevented attackers from exploiting a critical vulnerability in an enterprise collaboration platform. Now there's a workaround.

At least 17 affiliate groups have used the "DroidBot" Android banking Trojan against 77 financial services companies across Europe, with more to come, researchers warn.

AI-powered tools are making cybersecurity tasks easier to solve, as well as easier for the team to handle.

The emerging threat actor, potentially a Chinese state-sponsored APT, is using the known exploit kit Moonshine in cross-platform attacks that deliver a previously undisclosed backdoor called "DarkNimbus" to ethnic minorities, including Tibetans.

By understanding the unique challenges of protecting IoT and OT devices, organizations can safeguard these critical assets against evolving cyber threats.

Authorities across 19 African countries also dismantled their infrastructure and networks, thanks to cooperation between global law enforcement and private firms.