网络安全资讯

A newly disclosed vulnerability in cPanel, tracked as CVE-2026-41940, is being actively exploited in the wild as part of a coordinated ransomware campaign dubbed "Sorry." Security ...

Security researchers have flagged a new iteration of the consent‑phishing tool known as ConsentFix, now labeled v3, which dramatically expands the scale and automation of attacks a...

Microsoft has begun rolling out a preview of a modernized Run dialog for Windows 11, promising a noticeable boost in responsiveness and the addition of a native dark mode. The upda...

A newly uncovered Vietnamese‑linked phishing campaign has compromised roughly 30,000 Facebook accounts by abusing Google’s low‑code AppSheet platform as a covert relay. Researchers...

Cybersecurity researchers have identified two distinct cybercrime groups orchestrating rapid, high‑impact extortion campaigns that operate almost entirely within Software‑as‑a‑Serv...

Cybersecurity researchers have uncovered a sophisticated espionage operation linked to Chinese state actors, targeting a broad spectrum of victims across Asia and a NATO member sta...

Managed security services are on a steep ascent, with the market expected to swell from $38.31 billion in 2025 to $69.16 billion by 2030, making cybersecurity the fastest‑growing s...

The U.S. Department of Justice announced that two former cybersecurity professionals have each been sentenced to four years in federal prison for their roles in enabling BlackCat r...

Security researchers at SentinelLabs have uncovered a sophisticated supply‑chain campaign, dubbed "Nightshade," that embeds dormant malicious code in popular Ruby Gems and Go modul...

North Korean advanced persistent threat (APT) groups have consolidated their dominance over the cryptocurrency threat landscape in 2026, accounting for an estimated 76 % of all dig...

The rapid adoption of AI agents in production environments has uncovered a troubling trend: systems that are supposed to enhance operational efficiency are instead causing catastro...

Dark Reading is inviting security professionals and enthusiasts to take part in a caption contest that reflects on two decades of cybersecurity evolution. The competition, titled "...

Dark Reading marks its 20th anniversary this month, reflecting on two decades of delivering timely cybersecurity news, analysis, and insights to professionals worldwide. Launched o...

Instructure, the company behind the widely used Canvas learning management system, disclosed on March 2 2026 that it had identified a cyber incident affecting its internal infrastr...

French police (the Direction centrale de la police judiciaire, DCPJ) and the Paris Prosecutor’s Office have detained a 15‑year‑old, known by the alias "M4L", on suspicion of sellin...

BleepingComputer published a story on March 5, 2026 claiming that Instructure, the education‑technology company behind the Canvas learning‑management platform, had suffered a new d...

Criminal IP, a provider of exposure‑based threat intelligence, announced a partnership with Securonix to embed its rich contextual data directly into the Securonix ThreatQ platform...

Microsoft has resolved a long‑standing rendering bug that caused newly added Remote Desktop Protocol (RDP) file security warnings to appear malformed on Windows 10 (versions 20H2, ...

Microsoft has expanded its Windows 11 in‑box app removal policy by adding a dynamic list that lets IT administrators select exactly which pre‑installed Microsoft Store applications...

Microsoft released the optional cumulative update KB5083631 for Windows 11 22H2, delivering 34 changes that span new functionality, performance tweaks, and critical security patche...

A federal court has sentenced two former cybersecurity incident response professionals to four years in prison each for their roles in conducting BlackCat (ALPHV) ransomware attack...

Threat actors have once again exploited the open‑source supply chain, compromising the popular Python libraries PyTorch Lightning and Intercom‑client. By obtaining the maintainer’s...

Law enforcement agencies in the United States and Europe have dismantled a sprawling SMS phishing campaign that leveraged fake cellular base stations, known as IMSI catchers, to bl...

Security researchers at SentinelOne and WithSecure have uncovered a sophisticated Python-based backdoor named DEEP#DOOR that leverages legitimate tunneling services to establish co...

Atos Threat Research Center (TRC) uncovered in March 2026 a highly resilient malicious operation that distributes a remote‑access trojan called EtherRAT. The campaign abuses GitHub...

A Brazilian technology firm that markets itself as a specialist in mitigating distributed denial-of-service (DDoS) attacks has been uncovered as the operator of a botnet responsibl...

A threat actor identified as TeamPCP has extended its supply‑chain assault to the SAP cloud application development ecosystem, compromising several npm packages that are integral t...

Security researchers using an AI-driven static analysis engine called Sentinel have uncovered a nine‑year‑old flaw in the Linux kernel’s netfilter subsystem. The vulnerability, tra...

Anthropic has officially launched Mythos, its latest large language model designed with a reported 1.2 trillion parameters and native multimodal reasoning capabilities. According t...

Oracle Red Bull Racing has launched a sweeping automation initiative aimed at embedding security directly into the team’s high‑velocity development pipelines. With the pit wall and...