When Okta’s support credentials were stolen in 2023, the breach didn’t stop at the identity provider. It rippled outward — through SaaS integrations, internal legacy […]
Threat Actors Exploit LANSCOPE Endpoint Manager Zero-Day Vulnerability to Steal Confidential Data
In mid-2025, Secureworks Counter Threat Unit (CTU) researchers uncovered a sophisticated cyber campaign where Chinese state-sponsored threat actors from the BRONZE BUTLER group exploited a […]
CISA and NSA Issue Urgent Guidance to Secure WSUS and Microsoft Exchange Servers
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA), along with international partners from Australia and Canada, have released guidance to […]
Threat Actors Exploiting Open-Source C2 Frameworks to Deploy Malicious Payloads
Threat intelligence researchers have uncovered a growing campaign where cybercriminals are weaponizing AdaptixC2, a legitimate open-source Command and Control framework designed for authorized penetration testers. […]
Eclipse Foundation Revokes Leaked Open VSX Tokens Following Wiz Discovery
Eclipse Foundation, which maintains the open-source Open VSX project, said it has taken steps to revoke a small number of tokens that were leaked within […]
Researchers Develop Linux Rootkit That Evades Elastic EDR Protections
Security researchers have unveiled a sophisticated Linux rootkit capable of bypassing Elastic Security’s advanced detection mechanisms, demonstrating critical vulnerabilities in endpoint detection and response solutions. […]
Windows LNK UI Spoofing Vulnerability Weaponized for Remote Code Execution
A sophisticated cyber espionage campaign targeting European diplomatic institutions has been uncovered, signaling a strategic escalation by Chinese-affiliated threat actor UNC6384. Central to this campaign […]
Progress Releases Patch for MOVEit Transfer Resource Consumption Flaw
Progress Software has released security patches to address a high-severity vulnerability in its MOVEit Transfer platform discovered on October 29, 2025. The flaw, tracked as CVE-2025-10932, […]
Cyber’s Role in the Rapid Rise of Digital Authoritarianism
Dark Reading Confidential Episode 11: Enterprise cyber teams are in prime position to push back against our current “Golden Age of Surveillance,” according to our […]
Kimsuky and Lazarus Hackers Deploy New Backdoor Tools for Remote Access Attacks
North Korean state-sponsored threat actors have escalated their cyber operations with the deployment of sophisticated new malware variants designed to establish persistent backdoor access to […]