Security
Headlines
HeadlinesLatestCVEs

Source

DARKReading

'Mysterious Elephant' Moves Beyond Recycled Malware

The cyber-espionage group has been using sophisticated custom tools to target government and diplomatic entities in South Asia since early 2025.

DARKReading
F5 BIG-IP Environment Breached by Nation-State Actor

F5 disclosed a breach this week that included zero-day bugs, source code, and some customer information.

#zero_day
Harvard University Breached in Oracle Zero-Day Attack

The Clop ransomware group claimed responsibility for stealing the university's data as part of a broader campaign against Oracle customers.

Africa Remains Top Global Target, Even as Attacks Decline

Organizations across the continent saw 10% fewer attacks in September, but Africa remains the most attacked region in the world, leading the Global South.

Microsoft Drops Terrifyingly Large October Patch Update

October 2025's enormous Patch Tuesday offers plenty of nightmares for admins, including actively exploited zero-days and insidious high-severity privilege-escalation bugs — and it spells curtains for Windows 10 updates.

China's Flax Typhoon Turns Geo-Mapping Server into a Backdoor

Chinese APT threat actors compromised an organization's ArcGIS server, modifying the widely used geospatial mapping software for stealth access.

Pixnapping Attack Lets Attackers Steal 2FA on Android

The proof-of-concept exploit allows an attacker to steal sensitive data from Gmail, Google Accounts, Google Authenticator, Google Maps, Signal, and Venmo.

Financial, Other Industries Urged to Prepare for Quantum Computers

Despite daunting technical challenges, a quantum computer capable of breaking public-key encryption systems may only be a decade or two off.

Critical infrastructure CISOs Can't Ignore 'Back-Office Clutter' Data

OT and ICS systems indeed hold the crown jewels of critical infrastructure organizations, but unmonitored data sprawl is proving to be pure gold for increasingly brazen nation-state threat actors like Volt Typhoon, Pearce argues.

Generation AI: Why Today's Tech Graduates Are At a Disadvantage

With artificial intelligence supplanting entry-level security jobs, new cyber professionals will have to up their game to stay competitive in the industry.