来自顶级安全媒体的最新动态
German law‑enforcement agencies, led by the Federal Criminal Police Office (BKA) and the Hessian State Criminal Police Office (LKA Hessen) in close coordination with Europol’s Euro...
General Motors has agreed to pay a $12.75 million settlement to the State of California for collecting and sharing sensitive driver data without proper consent, marking the largest...
Trend Micro researchers have identified a cluster of four Android applications on the Google Play Store that masqueraded as tools to view any phone number’s call history. The apps,...
NVIDIA has officially confirmed a data breach impacting its GeForce NOW service, exposing personal information for a subset of users in Armenia. The disclosure, made in a statement...
Zara, the Spanish fast‑fashion giant, has confirmed a data breach that exposed the personal information of approximately 197,000 customers. The compromise was uncovered after the b...
ShinyHunters, the notorious threat group behind a string of high‑profile data thefts, announced on March 5 that it had executed a second intrusion into Instructure, the education‑t...
Organizations investing heavily in data loss prevention (DLP) solutions are discovering a critical blind spot: the browser has become the primary vector for inadvertent data exfilt...
Two U.S. nationals were sentenced to 18 months in federal prison each for managing laptop farms that facilitated North Korean IT workers in securing remote positions at nearly 70 A...
Ethan J. Rivera, a 20‑year‑old from Los Angeles, California, was sentenced on Friday to 78 months (6.5 years) in federal prison for his role in a sophisticated criminal operation t...
Security researchers have uncovered a sophisticated cyberattack campaign leveraging the Windows Phone Link application to steal text messages and circumvent two-factor authenticati...
A joint research effort by the Security Research Lab (SRL) and the AI Security Initiative (AISI) scanned over one million publicly reachable AI endpoints across IPv4 space between ...
Education technology provider Instructure has disclosed a significant data breach after a threat actor operating under the alias 'CSAMKing' claimed to have stolen approximately 280...
The Federal Trade Commission announced a settlement with data broker Kochava and its subsidiary Collective Data Solutions (CDS) that prohibits them from selling or sharing precise ...
The ShinyHunters extortion group has claimed responsibility for a significant data breach at Vimeo, the popular online video platform owned by IAC. Security researchers first ident...
Security researchers have uncovered a new variant of the CloudZ remote‑access trojan (RAT) that delivers a previously undocumented plugin named Pheno. This plugin exploits the Micr...
Fraudsters are not breaking into credit unions with zero‑days or ransomware; they are exploiting the normal loan origination workflow. Flare’s threat‑intelligence team uncovered a ...
Instructure, the educational technology company behind the popular Canvas learning‑management system, confirmed on March 5 2026 that unauthorized actors had accessed its internal n...
Microsoft has begun rolling out a preview of a modernized Run dialog for Windows 11, promising a noticeable boost in responsiveness and the addition of a native dark mode. The upda...
Dark Reading is inviting security professionals and enthusiasts to take part in a caption contest that reflects on two decades of cybersecurity evolution. The competition, titled "...
Dark Reading marks its 20th anniversary this month, reflecting on two decades of delivering timely cybersecurity news, analysis, and insights to professionals worldwide. Launched o...
French police (the Direction centrale de la police judiciaire, DCPJ) and the Paris Prosecutor’s Office have detained a 15‑year‑old, known by the alias "M4L", on suspicion of sellin...
BleepingComputer published a story on March 5, 2026 claiming that Instructure, the education‑technology company behind the Canvas learning‑management platform, had suffered a new d...
Microsoft has expanded its Windows 11 in‑box app removal policy by adding a dynamic list that lets IT administrators select exactly which pre‑installed Microsoft Store applications...
Microsoft released the optional cumulative update KB5083631 for Windows 11 22H2, delivering 34 changes that span new functionality, performance tweaks, and critical security patche...
Chris Inglis, who served as NSA Deputy Director from 2011 to 2014 under Director Keith Alexander, has broken his silence on the agency's missteps during the Edward Snowden affair, ...
Security researchers at Group-IB have uncovered a large-scale smishing operation that combines fake CAPTCHA verification pages with International Revenue Share Fraud (IRSF) and cry...
Romance scams, a form of confidence scheme that preys on emotional trust, continue to trap thousands of victims each year. Security analysts note that those who fall prey to these ...
The US Department of Justice has announced the indictment of 29 individuals linked to a cyber fraud syndicate operating from Myanmar, charging them with conspiracy to commit wire f...
Cybersecurity researchers at CleverSight Threat Intelligence have uncovered a cluster of 26 malicious iOS applications that masquerade as popular cryptocurrency wallets such as Tru...
WhatsApp has patched a critical flaw that allowed attackers to harvest user metadata simply by knowing a victim's phone number, according to a Dark Reading analysis published this ...
German authorities have publicly exposed the identity of the notorious hacker known as "UNKN", linking the alias to 31‑year‑old Russian national Daniil Maksimov. Maksimov is allege...
Worldcoin’s World ID initiative, built by Tools for Humanity, is deploying a biometric authentication system based on iris scanning to assign a unique human identity to every AI ag...
AI assistants, often marketed as autonomous "agents", are rapidly becoming a staple in developer toolchains, promising to automate everything from code generation to system configu...
Google has announced significant changes to its Android app distribution model, implementing mandatory developer verification for all apps published on Google Play Store. The new r...
Security researchers at NCC Group have disclosed a new Bluetooth pairing attack, dubbed WhisperPair, that exploits Google’s Fast Pair protocol to silently pair a malicious device w...
Google announced on Monday that it will retire the Dark Web Report feature from its Google Account dashboard, ending a service that warned users when their personal information app...
A leaked document published by the dark‑web user W1ckedG0pher has disclosed the full roster of Google Pixel phones that can be compromised by Cellebrite’s Universal Forensic Extrac...
Google has officially announced its Android developer verification program will feature both free and paid tiers, marking a significant shift in how developers are authenticated be...
Former WhatsApp security chief filed a lawsuit against Meta Platforms Inc., alleging that the company consistently placed user‑acquisition targets ahead of critical security measur...
Google on Monday rebuffed recent reports—published by Ars Technica—that claimed a massive breach exposing all 2.5 billion Gmail accounts, asserting that its security controls are r...
Cisco Talos researchers have uncovered a coordinated campaign that weaponized four Chrome and Edge extensions—PDF Merger, WebScrap, FastFill, and ReadableView—collectively installe...
Starting Monday, Google began rolling out a platform update for Android 14 (API level 34) that expands the capabilities of its on‑device AI assistant, Gemini. The change introduces...
Nintendo has alerted owners of its upcoming Switch 2 console that the built‑in GameChat feature creates temporary local copies of voice and text conversations, and that those recor...
Over the weekend, Nelnet Servicing, a major U.S. student‑loan servicer operating under contract with the Department of Education’s Federal Student Aid (FSA) office, disclosed a dat...
Cybercriminals are now hawking root access to tens of thousands of unpatched Chinese‑made surveillance cameras, a market that has surged after the disclosure of a critical remote‑c...
Peiter “Mudge” Zatko, Twitter’s former head of security, filed a whistleblower complaint in July 2022 with the Federal Trade Commission (FTC) and the Senate Select Committee on Int...
A wave of phishing campaigns masquerading as airline and hotel reservation confirmations is compounding the frustration of travelers already grappling with cancellations and overbo...