Security News

darkreading May 14, 2026 at 20:25

Maximum Severity Cisco SD-WAN Bug Exploited in the Wild

This is the second time this year a threat actor has leveraged a CVSS 10.0 vulnerability in Cisco's network control system.

Read Article

darkreading May 14, 2026 at 20:19

Congress Puts Heat on Instructure After Canvas Outage

The House Committee on Homeland Security sent a letter about the Canvas cyberattack, the same day that the edtech company said it reached an "agreement" with the ShinyHunters cybercriminals.

Read Article

darkreading May 14, 2026 at 13:00

AI Drives Cybersecurity Investments, Widening 'Valley of Death'

In a role reversal, investment dollars in AI security startups exceeded the value of AI acquisitions in 1Q26 by more than $1 billion, a rare occurrence.

Read Article

darkreading May 14, 2026 at 12:00

Foxconn Attack Highlights Manufacturing's Cyber Crisis

A Nitrogen ransomware attack on Foxconn's North American facilities is one of 600 hits on manufacturers this year, as gangs increasingly target the sector for its low tolerance for downtime.

Read Article

darkreading May 13, 2026 at 21:17

Checkbox Assessments Aren't Fit to Measure to Risk

Security governance needs to be more than an annual compliance exercise. New companies are emerging to address risk-management gaps in current audit tools.

Read Article

darkreading May 13, 2026 at 21:09

Attackers Weaponize RubyGems for Data Dead Drops

Threat actors are publishing RubyGems packages that include scrapers targeting public-facing UK government servers, but with no clear objective.

Read Article

darkreading May 13, 2026 at 20:47

Tables Turn on 'The Gentlemen' RaaS Gang With Data Leak

An OPSEC failure provides a window into what helped the ransomware group rise: a generous affiliate model, opportunistic TTPs, and an effective organizational structure.

Read Article

darkreading May 13, 2026 at 18:52

Dark Reading Celebrates 20 Years as a Leading Authority on Cybersecurity, Highlighting the People, Events, Ideas, and Technologies Shaping the Modern Risk Landscape

Informa TechTarget's flagship cybersecurity media brand launches a special content series to mark two decades as a trusted source for cybersecurity professionals.

Read Article

darkreading May 13, 2026 at 13:38

'FrostyNeighbor' APT Carefully Targets Govt Orgs in Poland, Ukraine

Attackers uniquely fingerprint victims before delivering spear-phishing payloads aimed at espionage, in the latest campaign from the Belarussian nation-state threat group.

Read Article

darkreading May 13, 2026 at 13:00

AI Agents Generate Custom Hacking Tools on the Fly

Two threat campaigns heavily leveraged AI agents to support attacks against entities in Mexico and Brazil.

Read Article

darkreading May 13, 2026 at 13:00

China's 'FamousSparrow' APT Nests in South Caucasus Energy Firm

The cyberthreat group targets an Azerbaijani oil and gas firm with repeated attacks, as the China-linked actors extend targeting beyond hospitality, telecom, and government sectors.

Read Article

darkreading May 12, 2026 at 21:03

It's Patch Tuesday for Microsoft and Not a Zero-Day In Sight

It's the first time in two years with no zero-days. But with 137 flaws to patch, including nine critical ones, admins still have plenty of work to do.

Read Article

darkreading May 12, 2026 at 14:00

Hugging Face Packages Weaponized With a Single File Tweak

A tokenizer library file present in Hugging Face AI models can be manipulated to hijack the model's outputs and exfiltrate data.

Read Article

darkreading May 12, 2026 at 11:07

Worm Redux: Fresh Mini Shai-Hulud Infections Bite Supply Chain

Hundreds of npm packages infected by the self-propagating, credential-stealing worm from TeamPCP are related to the open source TanStack ecosystem.

Read Article

darkreading May 11, 2026 at 21:15

FCC Softens Ban on Foreign-Made Routers

The Federal Communications Commission eased some restrictions and pushed back deadlines for foreign router manufacturers, but the ban is still in place.

Read Article

darkreading May 11, 2026 at 19:50

Tech Can't Stop These Threats — Your People Can

Security controls can do only so much. Here are four attacks where your employees are usually your first, and only, line of cyber defense.

Read Article

darkreading May 11, 2026 at 19:00

20 Leaders Who Built the CISO Era: 2 Decades of Change

As part of Dark Reading's 20th anniversary special coverage, we profile the CISOs, founders, researchers, criminals, and policymakers who rewrote the enterprise risk playbook.

Read Article

darkreading May 11, 2026 at 15:05

'Dirty Frag' Exploit Poised to Blow Up on Enterprise Linux Distros

The privilege escalation vulnerability, which is similar to other Linux flaws like Copy Fail and Dirty Pipe, may already be under limited exploitation.

Read Article

darkreading May 11, 2026 at 13:00

Hackers Use AI for Exploit Development, Attack Automation

Cyber adversaries have long used AI, but now attackers are using large language models to develop exploits and orchestrate complex attacks.

Read Article

darkreading May 11, 2026 at 12:00

Cyber Espionage Group Targets Aviation Firms to Steal Map Data

The campaign quietly compromises aerospace and drone operators to exfiltrate GIS files, terrain models, and GPS data and gain a clear picture of adversaries' world view.

Read Article