Security News

darkreading May 08, 2026 at 20:08

ShinyHunters Claims Second Attack Against Instructure

The edtech company is struggling to wrest control from its hackers. PII belonging to hundreds of millions of people is on the line.

Read Article

darkreading May 07, 2026 at 20:43

After Replacing TeamPCP Malware, 'PCPJack' Steals Cloud Secrets

PCPJack makes innovative use of parquet files for stealthy, pre-validated target discovery as it canvasses multiple cloud environments.

Read Article

darkreading May 07, 2026 at 16:55

Has CISA Finally Found Its New Leader in Tom Parker?

Dark Reading investigates rumors that Tom Parker, a board room 'operator' and longtime cyber exec, could be next in line to take over CISA.

Read Article

darkreading May 07, 2026 at 13:00

'TrustFall' Exposes Claude Code Execution Risk

Researchers find malicious repositories can trigger code execution in Claude Code with minimal or no user interaction.

Read Article

darkreading May 07, 2026 at 13:00

World's First AI-Driven Cyberattack Couldn't Breach OT Systems

The most sophisticated AI-integrated campaign to date hit a brick wall in the form of a SCADA login screen.

Read Article

darkreading May 06, 2026 at 21:19

Yet Another Way to Bypass Google Chrome's Encryption Protection

Authors of the VoidStealer Trojan uncovered a way to get around Google's App-Bound Encryption (ABE), opening the door to infostealers.

Read Article

darkreading May 06, 2026 at 21:02

Instructure Breach Exposes Schools' Vendor Dependence

ShinyHunters' attack on Instructure, which owns the widely used Canvas learning management system (LMS), carries big questions about the trust educational institutions put into their vendors.

Read Article

darkreading May 06, 2026 at 12:00

From Stuxnet to ChatGPT: 20 News Events That Shaped Cyber

As part of Dark Reading's 20th anniversary celebration, its staff looks back on 20 of the biggest newmaking events from the past two decades that shaped our industry and the risk landscape for today's security teams.

Read Article

darkreading May 06, 2026 at 10:30

Attacks Abuse Windows Phone Link to Steal Texts & Bypass 2FA

In hard-to-detect attacks, hackers are dropping the CloudZ RAT and a fresh plugin, Pheno, to hijack the Windows-based bridge between PCs and smartphones.

Read Article

darkreading May 06, 2026 at 05:30

Middle East Cyber Battle Field Broadens — Especially in UAE

As the war with Iran continues, breach attempts targeting the United Arab Emirates tripled in a few weeks — many targeting critical infrastructure.

Read Article

darkreading May 05, 2026 at 20:40

Trellix Source Code Breach Highlights Growing Supply Chain Threats

Info is scant, but such breaches can reveal where a security product's controls are located and how detections are designed, giving attackers a leg up.

Read Article

darkreading May 05, 2026 at 20:00

Research Hub Bridges Cybersecurity Gap for Under-Resourced Organizations

The UC Berkeley Center for Long-Term Cybersecurity (CLTC) offers tools and support to schools, local governments, and non-profits as they defend themselves against a growing volume of cyberattacks.

Read Article

darkreading May 05, 2026 at 18:36

Why Security Leadership Makes or Breaks a Pen Test

Well-run security drills go beyond checking audit boxes to identify and address trouble spots. Effective leaders can ensure proper scope, access, and follow-through, but it’s not easy.

Read Article

darkreading May 05, 2026 at 14:57

Microsoft Edge Stores Passwords in Process Memory, Posing Enterprise Risk

A proof-of-concept exploit (PoC) shows how someone with admin privileges can exploit the issue to steal passwords, and thus use them to engage in further malicious activity.

Read Article

darkreading May 05, 2026 at 11:56

How the Story of a USB Penetration Test Went Viral

Two decades ago Dark Reading posted its first blockbuster — a story from a pen tester who sprinkled rigged thumb drives around a credit union parking lot and let curious employees do the rest. This episode looks back at the history-making column with its author Steve Stasiukonis, Dark Reading senior Editor Becky Bracken and Dark Reading's editor-in-chief Kelly Jackson Higgins.

Read Article

darkreading May 05, 2026 at 11:56

How the Story of a USB Penetration Test Went Viral

Two decades ago Dark Reading posted its first blockbuster — a column by a pen tester who sprinkled rigged thumb drives around a credit union parking lot and let curious employees do the rest. This episode looks back at the history-making piece with its author Steve Stasiukonis, Dark Reading senior editor Becky Bracken, and Dark Reading's editor-in-chief Kelly Jackson Higgins.

Read Article

darkreading May 04, 2026 at 21:38

Physical Cargo Theft Gets a Boost From Cybercriminals

Cargo theft is no longer about small groups of criminals operating on the ground, but transnational cybercriminal syndicates using access to supply chain systems to reroute goods.

Read Article

darkreading May 04, 2026 at 20:56

RMM Tools Fuel Stealthy Phishing Campaign

Attackers are abusing two remote monitoring and management (RMM) tools to evade detection in a campaign that has impacted over 80 organizations so far.

Read Article

darkreading May 04, 2026 at 19:14

Exploit Cyber-Frenzy Threatens Millions via Critical cPanel Vulnerability

Shortly after the authentication-bypass flaw was disclosed multiple proof-of-concept exploits appeared, and one researcher claims there's been zero-day activity for at least a month.

Read Article

darkreading May 04, 2026 at 11:35

Silver Fox Springs Tax-Themed Attacks on Orgs in India, Russia

More than 1,600 socially engineered messages from the China-backed advanced persistent threat (APT) group target various sectors to deliver the previously undocumented ABCDoor backdoor, ValleyRAT, and other malware.

Read Article