The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA), along with international partners from Australia and Canada, have released guidance to […]
Threat Actors Exploiting Open-Source C2 Frameworks to Deploy Malicious Payloads
Threat intelligence researchers have uncovered a growing campaign where cybercriminals are weaponizing AdaptixC2, a legitimate open-source Command and Control framework designed for authorized penetration testers. […]
Eclipse Foundation Revokes Leaked Open VSX Tokens Following Wiz Discovery
Eclipse Foundation, which maintains the open-source Open VSX project, said it has taken steps to revoke a small number of tokens that were leaked within […]
Researchers Develop Linux Rootkit That Evades Elastic EDR Protections
Security researchers have unveiled a sophisticated Linux rootkit capable of bypassing Elastic Security’s advanced detection mechanisms, demonstrating critical vulnerabilities in endpoint detection and response solutions. […]
Windows LNK UI Spoofing Vulnerability Weaponized for Remote Code Execution
A sophisticated cyber espionage campaign targeting European diplomatic institutions has been uncovered, signaling a strategic escalation by Chinese-affiliated threat actor UNC6384. Central to this campaign […]
Progress Releases Patch for MOVEit Transfer Resource Consumption Flaw
Progress Software has released security patches to address a high-severity vulnerability in its MOVEit Transfer platform discovered on October 29, 2025. The flaw, tracked as CVE-2025-10932, […]
Cyber’s Role in the Rapid Rise of Digital Authoritarianism
Dark Reading Confidential Episode 11: Enterprise cyber teams are in prime position to push back against our current “Golden Age of Surveillance,” according to our […]
Kimsuky and Lazarus Hackers Deploy New Backdoor Tools for Remote Access Attacks
North Korean state-sponsored threat actors have escalated their cyber operations with the deployment of sophisticated new malware variants designed to establish persistent backdoor access to […]
Aembit Introduces Identity and Access Management for Agentic AI
Aembit today announced the launch of Aembit Identity and Access Management (IAM) for Agentic AI, a set of capabilities that help organizations safely provide and […]
CISA Alerts on Active Exploitation of VMware Tools and Aria Operations 0-Day
The Cybersecurity and Infrastructure Security Agency (CISA) has raised alarm over active exploitation of a critical privilege escalation vulnerability affecting Broadcom’s VMware Tools and VMware […]