網路安全資訊

Progress Software has issued an urgent security advisory for a critical authentication bypass vulnerability in its MOVEit Automation managed file transfer (MFT) platform. Tracked a...

Kaseya announced a live webinar titled “Why MSPs must rethink security and backup strategies” scheduled for June 15, 2026 at 2:00 PM ET. The session, hosted by Kaseya’s Product Mar...

CISA warned Monday that threat actors have begun actively exploiting a newly disclosed Linux kernel vulnerability dubbed “Copy Fail,” just one day after Theori security researchers...

Microsoft has confirmed that the security updates released on April 2026 for Windows are causing serious failures in third‑party backup applications that rely on the psmounterex.sy...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-31431, a critical Linux kernel privilege escalation vulnerability, to its Known Exploited Vulner...

Instructure, the educational technology company behind the popular Canvas learning‑management system, confirmed on March 5 2026 that unauthorized actors had accessed its internal n...

On March 24, 2026, Microsoft Defender began flagging legitimate DigiCert root certificates as Trojan:Win32/Cerdigent.A!dha after a signature update. The detection impacted multiple...

Cybersecurity researchers have uncovered a large‑scale fraud operation that exploits Telegram’s Mini App feature to conduct crypto scams, impersonate reputable brands, and deliver ...

Trellix has officially acknowledged a security incident in which an unauthorized party gained access to a portion of its source code repositories. The company said it identified th...

A newly disclosed vulnerability in cPanel, tracked as CVE-2026-41940, is being actively exploited in the wild as part of a coordinated ransomware campaign dubbed "Sorry." Security ...

Security researchers have flagged a new iteration of the consent‑phishing tool known as ConsentFix, now labeled v3, which dramatically expands the scale and automation of attacks a...

Microsoft has begun rolling out a preview of a modernized Run dialog for Windows 11, promising a noticeable boost in responsiveness and the addition of a native dark mode. The upda...

A newly uncovered Vietnamese‑linked phishing campaign has compromised roughly 30,000 Facebook accounts by abusing Google’s low‑code AppSheet platform as a covert relay. Researchers...

Cybersecurity researchers have identified two distinct cybercrime groups orchestrating rapid, high‑impact extortion campaigns that operate almost entirely within Software‑as‑a‑Serv...

Cybersecurity researchers have uncovered a sophisticated espionage operation linked to Chinese state actors, targeting a broad spectrum of victims across Asia and a NATO member sta...

Managed security services are on a steep ascent, with the market expected to swell from $38.31 billion in 2025 to $69.16 billion by 2030, making cybersecurity the fastest‑growing s...

The U.S. Department of Justice announced that two former cybersecurity professionals have each been sentenced to four years in federal prison for their roles in enabling BlackCat r...

Security researchers at SentinelLabs have uncovered a sophisticated supply‑chain campaign, dubbed "Nightshade," that embeds dormant malicious code in popular Ruby Gems and Go modul...

North Korean advanced persistent threat (APT) groups have consolidated their dominance over the cryptocurrency threat landscape in 2026, accounting for an estimated 76 % of all dig...

The rapid adoption of AI agents in production environments has uncovered a troubling trend: systems that are supposed to enhance operational efficiency are instead causing catastro...

Dark Reading is inviting security professionals and enthusiasts to take part in a caption contest that reflects on two decades of cybersecurity evolution. The competition, titled "...

Dark Reading marks its 20th anniversary this month, reflecting on two decades of delivering timely cybersecurity news, analysis, and insights to professionals worldwide. Launched o...

Instructure, the company behind the widely used Canvas learning management system, disclosed on March 2 2026 that it had identified a cyber incident affecting its internal infrastr...

French police (the Direction centrale de la police judiciaire, DCPJ) and the Paris Prosecutor’s Office have detained a 15‑year‑old, known by the alias "M4L", on suspicion of sellin...

BleepingComputer published a story on March 5, 2026 claiming that Instructure, the education‑technology company behind the Canvas learning‑management platform, had suffered a new d...

Criminal IP, a provider of exposure‑based threat intelligence, announced a partnership with Securonix to embed its rich contextual data directly into the Securonix ThreatQ platform...

Microsoft has resolved a long‑standing rendering bug that caused newly added Remote Desktop Protocol (RDP) file security warnings to appear malformed on Windows 10 (versions 20H2, ...

Microsoft has expanded its Windows 11 in‑box app removal policy by adding a dynamic list that lets IT administrators select exactly which pre‑installed Microsoft Store applications...

Microsoft released the optional cumulative update KB5083631 for Windows 11 22H2, delivering 34 changes that span new functionality, performance tweaks, and critical security patche...

A federal court has sentenced two former cybersecurity incident response professionals to four years in prison each for their roles in conducting BlackCat (ALPHV) ransomware attack...