![[Dark Reading Virtual Event] Cybersecurity Outlook 2026](https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltec9f14c11f342d6f/69161ac9bc68b50a22001b58/DRVE_Event_20251203.jpg?width=1280&auto=webp&quality=80&disable=upscale)
Post Content The original article found on darkreading Read More
Rogue MCP servers can take over Cursor’s built-in browser
AI agents and coding copilots are shaking up how — and what — developers code. But they’re also rapidly expanding the attack surface of developer […]
Orgs Move to SSO, Passkeys to Solve Bad Password Habits
In 2025, employees are still using weak passwords. Instead of forcing an impossible change, security leaders are working around the problem. The original article found […]
Coyote, Maverick Banking Trojans Run Rampant in Brazil
South America’s largest country is notorious for banking malware attacks; Maverick self-terminates if its targeted user is based outside Brazil. The original article found on […]
Malicious npm Package with 206K Downloads Targeting GitHub Repositories to Steal Tokens
On Friday, November 7th, Veracode Threat Research discovered a dangerous typosquatting campaign targeting developers using GitHub Actions. The malicious npm package “@acitons/artifact” had accumulated over […]
Phishing Emails Alert: How Spam Filters Can Steal Your Email Logins in an Instant
Cybercriminals have launched a sophisticated phishing campaign that exploits trust in internal security systems by spoofing email delivery notifications to appear as legitimate spam-filter alerts […]
Google Sues to Disrupt Chinese SMS Phishing Triad
Google is suing more than two dozen unnamed individuals allegedly involved in peddling a popular China-based mobile phishing service that helps scammers impersonate hundreds of […]
Fake Chrome Extension “Safery” Steals Ethereum Wallet Seed Phrases Using Sui Blockchain
Cybersecurity researchers have uncovered a malicious Chrome extension that poses as a legitimate Ethereum wallet but harbors functionality to exfiltrate users’ seed phrases. The name […]
OpenAI Sora 2 Vulnerability Allows Exposure of Hidden System Prompts from Audio Data
Security researchers have successfully extracted the system prompt from OpenAI’s Sora 2 video generation model by exploiting cross-modal vulnerabilities, with audio transcription proving to be […]
Hackers Infiltrate npm Registry with 43,000 Spam Packages, Linger for Nearly Two Years
Security researcher Paul McCarty has uncovered a massive coordinated spam campaign targeting the npm ecosystem. The IndonesianFoods worm, comprising over 43,000 malicious packages published across […]