DARKReading

While this emerging technology offers many benefits, digital twins also have several drawbacks, as these convincing impersonations can be used in social engineering attacks.

A red teamer is publishing research next month about how weaknesses in modern security products lay the groundwork for stealthy implants in AI-powered applications.

National authorities have issued seven arrest warrants in total relating to the cybercrime collective known as NoName057(16), which recruits followers to carry out DDoS attacks on perceived enemies of Russia.

Malicious actors already have already pounced on the zero-day vulnerability, tracked as CVE-2025-53770, to compromise US government agencies and other businesses in ongoing and widespread attacks.

We cannot keep reacting to vulnerabilities as they emerge. We must assume the presence of unknown threats and reduce the blast radius that they can affect.

Researchers discovered a novel phishing attack that serves the victim a QR code as part of supposed multifactor authentication (MFA), in order to get around FIDO-based protections.

Authentication in MCP — the backbone of agentic AI — is optional, and nobody's implementing it. Instead, they're allowing any passing attackers full control of their servers.

Security often lags behind innovation. The path forward requires striking a balance.

Four flaws in the basic software for Gigabyte motherboards could allow persistent implants, underscoring problems in the ways firmware is developed and updated.

Chinese threat actors have turned to cyberattacks as a way to undermine and destabilize Taiwan's most important industrial sector.