Security News

darkreading Jan 22, 2026 at 22:13

Risky Chinese Electric Buses Spark Aussie Gov't Review

Deployed across Australia and Europe, China's electric buses are vulnerable to cybercriminals and sport remote connectivity some worry the Chinese state could exploit.

Read Article

darkreading Jan 22, 2026 at 21:18

Fortinet Firewalls Hit With Malicious Configuration Changes

Automated infections of potentially fully patched FortiGate devices are allowing threat actors to steal firewall configuration files.

Read Article

darkreading Jan 22, 2026 at 18:09

From a Whisper to a Scream: Europe Frets About Overreliance on US Tech

Concern is growing across Europe about relying on US cybersecurity companies, and Greenland takeover talk is eroding trust across the EU even further.

Read Article

darkreading Jan 22, 2026 at 16:05

Latin American Orgs Lack Confidence in Cyber Defenses, Skills

Cybersecurity professionals in Latin America are least likely to have faith in their countries' preparedness for cyberattacks on critical infrastructure, the World Economic Forum says.

Read Article

darkreading Jan 22, 2026 at 14:05

DPRK Actors Deploy VS Code Tunnels for Remote Hacking

A spear-phishing campaign tied to the Democratic People's Republic of Korea (DPRK) uses trusted Microsoft infrastructure to avoid detection.

Read Article

darkreading Jan 22, 2026 at 00:24

Dark Reading Confidential: Reviving the Hacker Ethos That Built Cybersecurity

Dark Reading Confidential Episode 14: How curious, ethical problem solving can continue to serve as a guiding principle for an evolving cybersecurity sector.

Read Article

darkreading Jan 22, 2026 at 00:24

Dark Reading Confidential: Reviving the Hacker Ethos That Built Cybersecurity

Dark Reading Confidential Episode 14: How curious, ethical problem-solving can continue to serve as a guiding principle for an evolving cybersecurity sector.

Read Article

darkreading Jan 21, 2026 at 23:06

AI Agents Undermine Progress in Browser Security

Web browser companies have put in substantial effort over the past three decades to strengthen the browser security stack against abuses. Agentic browsers are undoing all that work.

Read Article

darkreading Jan 21, 2026 at 22:00

'Contagious Interview' Attack Now Delivers Backdoor Via VS Code

Once trust is granted to the repository's author, a malicious app executes arbitrary commands on the victim's system with no other user interaction.

Read Article

darkreading Jan 21, 2026 at 20:22

Phishing Campaign Zeroes in on LastPass Customers

The bait incudes plausible subject lines and credible messages, most likely thanks to attackers' use of large language models to craft them.

Read Article

darkreading Jan 21, 2026 at 14:48

Complex VoidLink Linux Malware Created by AI

Researchers say the advanced framework was built almost entirely by agents, marking a significant evolution in the use of AI to develop wholly original malware.

Read Article

darkreading Jan 21, 2026 at 14:00

'Damn Vulnerable' Training Apps Leave Vendors' Clouds Exposed

Hackers are already leveraging these over-permissioned programs to access the IT systems of major security vendors.

Read Article

darkreading Jan 20, 2026 at 21:10

'CrashFix' Scam Crashes Browsers, Delivers Malware

The attack consists of a NexShield malicious browser extension, a social engineering technique to crash the browser, and a Python-based RAT.

Read Article

darkreading Jan 20, 2026 at 20:18

Mass Spam Attacks Leverage Zendesk Instances

The CRM vendor advised ignoring or deleting suspicious emails and said the attacks were not tied to any breach or software vulnerability.

Read Article

darkreading Jan 20, 2026 at 18:04

Vulnerabilities Threaten to Break Chainlit AI Framework

Familiar bugs in a popular open source framework for AI chatbots could give attackers dangerous powers in the cloud.

Read Article

darkreading Jan 20, 2026 at 15:52

Google Gemini Flaw Turns Calendar Invites Into Attack Vector

The indirect prompt injection vulnerability allows an attacker to weaponize invites to circumvent Google's privacy controls and access private data.

Read Article

darkreading Jan 20, 2026 at 15:47

Microsoft & Anthropic MCP Servers at Risk of RCE, Cloud Takeovers

Researchers found the popular model context protocol (MCP) servers, which are integral components of AI services, carry serious vulnerabilities.

Read Article

darkreading Jan 19, 2026 at 17:57

ChatGPT Health Raises Big Security, Safety Concerns

ChatGPT Health promises robust data protection, but elements of the rollout raise big questions regarding user security and safety.

Read Article

darkreading Jan 16, 2026 at 21:03

More Problems for Fortinet: Critical FortiSIEM Flaw Exploited

CVE-2025-64155, a command injection vulnerability, was disclosed earlier this week and quickly came under attack from a variety of IP addresses.

Related CVEs: CVE-2025-64155

Read Article

darkreading Jan 16, 2026 at 15:25

CISOs Rise to Prominence: Security Leaders Join the Executive Suite

Security professionals are moving up the executive ranks as enterprises face rising regulatory and compliance standards.

Read Article