DARKReading

An ongoing AitM campaign by the infamous Moscow-sponsored cyber-threat actor has widened its scope, dropping the dangerous ApolloShadow custom backdoor malware thanks to lawful intercept systems.

Following a number of high-profile security and development issues surrounding the use of LLMs and GenAI to code and create applications, it's worth taking a temperature check to ask: Is this technology ready for prime time?

The lesson from the breach is not just about what went wrong — but what could have gone right.

Dark Reading Confidential Episode 8: Federal funding for the CVE Program expires in April 2026, and a trio of experts agree the industry isn't doing enough to deal with the looming crisis. Bugcrowd's Trey Ford, expert Adam Shostack, and vulnerability historian Brian Martin sit down with Dark Reading to help us figure out what a "good" future of the CVE Program would look like and how to get there.

Using the API Connections for Azure Logic Apps, a security researcher found unauthenticated users could access sensitive data of other customers.

A swath of copycat Korean apps are hiding spyware, occasionally leading to highly personal, disturbing extortions.

Attackers are becoming faster at exploiting vulnerabilities, but this startup seeks to stop threats before they lead to breaches.

The deal shakes up the identity and access management landscape and expands Palo Alto Networks' footprint in the cybersecurity market.

The US government is throwing the book at even midlevel cybercriminals. Is it just — and is it working?

An unsealed indictment associated with the Chinese threat group shows its members worked for companies closely aligned with the PRC as part of a larger contractor ecosystem.