DARKReading

The emerging cybercriminal gang, which initially targeted Microsoft Windows systems, is looking to go cross-platform using sophisticated, multithread encryption.

A now-patched authentication issue on the popular vibe-coding platform gave unauthorized users open access to any private application on Base44.

With the right IGA tools, governance policies, and risk thresholds, enterprises can continuously detect and act on rogue access before attackers do.

Researchers discovered backdoors, poisoned code, and malicious commits in some of the more popular tool developers, jeopardizing software supply chains.

The number of concerning vulnerabilities may be much smaller than organizations think, and this cybersecurity startup aims to narrow down the list to the most critical ones.

The company has yet to report an exact number of how many individuals were impacted by the breach and plans to start the notification process around Aug. 1.

Researchers detailed a newer double-extortion ransomware group made up of former members of BlackSuit, which was recently disrupted by international law enforcement.

The education sector is haunted by a significant fraud problem where fake students impersonate celebrities and employ other identity techniques to steal resources and money from legitimate students.

Enterprises can use the IaC Risk Index to identify vulnerable cloud resources in their infrastructure-as-code environment which are not managed or governed.

A new infostealing malware making the rounds can exfiltrate credentials and other system data even from browsing software considered more privacy-focused than mainstream options.