Vulnerabilities & Threats

More Topics
A digital brain schematic
Application Security
How to Weaponize Microsoft Copilot for CyberattackersHow to Weaponize Microsoft Copilot for Cyberattackers

At Black Hat USA, security researcher Michael Bargury released a "LOLCopilot" ethical hacking module to demonstrate how attackers can exploit Microsoft Copilot — and offered advice for defensive tooling.

byJeffrey Schwartz, Contributing Writer
Aug 8, 2024
|
6 Min Read
Ann Johnson, Corporate Vice President and Deputy CISO at Microsoft, and Sherrod DeGrippo, Dir. of Threat Intelligence Strategy at Microsoft, on stage
Cybersecurity Operations
Microsoft on CISOs: Thriving Community Means Stronger SecurityMicrosoft on CISOs: Thriving Community Means Stronger Security
byKristina Beek, Associate Editor, Dark Reading
Aug 8, 2024
4 Min Read
The word "browser" with icons of various browsers below it
Cyberattacks & Data Breaches
'0.0.0.0 Day' Flaw Puts Chrome, Firefox, Mozilla Browsers at RCE Risk'0.0.0.0 Day' Flaw Puts Chrome, Firefox, Mozilla Browsers at RCE Risk
byElizabeth Montalbano, Contributing Writer
Aug 8, 2024
4 Min Read
Electronics that resemble a brain
Cyber Risk
Building an Effective Strategy to Manage AI RisksBuilding an Effective Strategy to Manage AI Risks
bySanket Kavishwar, Kenneth Moras
Aug 8, 2024
4 Min Read
sun behind a cloud creating shadows
Remote Workforce
Critical AWS Vulnerabilities Allow S3 Attack BonanzaCritical AWS Vulnerabilities Allow S3 Attack Bonanza
byJeffrey Schwartz, Contributing Writer
Aug 8, 2024
5 Min Read
CrowdStrike logo seen on screen of smartphone and the word OUTAGE seen behind it
Cyber Risk
CrowdStrike Will Give Customers Control Over Falcon Sensor UpdatesCrowdStrike Will Give Customers Control Over Falcon Sensor Updates
byJai Vijayan, Contributing Writer
Aug 7, 2024
3 Min Read
Founder and CTO of Knostic, Sounil Yu, collecting his award onstage
Cybersecurity Operations
Knostic Wins 2024 Black Hat Startup Spotlight Competition
Knostic Wins 2024 Black Hat Startup Spotlight Competition
Aug 7, 2024
|
4 Min Read
byKristina Beek, Associate Editor, Dark Reading
A green chameleon sitting on a branch
Endpoint Security
Chameleon Banking Trojan Makes a Comeback Cloaked as CRM App
Chameleon Banking Trojan Makes a Comeback Cloaked as CRM App
Aug 7, 2024
|
4 Min Read
byElizabeth Montalbano, Contributing Writer
Heads representing AI; blues and greens on a digital background with 1s and 0s
Application Security
Creating Insecure AI Assistants With Microsoft Copilot Studio Is Easy
Creating Insecure AI Assistants With Microsoft Copilot Studio Is Easy
Aug 7, 2024
|
4 Min Read
byJeffrey Schwartz, Contributing Writer
Person's hand touching a gear-like icon reading API
Vulnerabilities & Threats
The API Security Crisis: Why Your Company Could Be Next
The API Security Crisis: Why Your Company Could Be Next
Aug 7, 2024
|
4 Min Read
byVaibhav Malik
Turkey (Turkiye) cyber flag
Vulnerabilities & Threats
BlankBot Trojan Targets Turkish Android Users
BlankBot Trojan Targets Turkish Android Users
Aug 7, 2024
|
3 Min Read
byRobert Lemos, Contributing Writer
Brown rat with its paw on a curb
Cyberattacks & Data Breaches
Hunters International Disguises SharpRhino RAT as Legitimate Network Admin Tool
Hunters International Masks SharpRhino RAT as Legit Network Admin Tool
Aug 6, 2024
|
3 Min Read
byElizabeth Montalbano, Contributing Writer
Electronic circuitry with red light passing through it, representing how data may be controlled and stored in a quantum computer
Vulnerabilities & Threats
Preparing for the Future of Post-Quantum Cryptography
Preparing for the Future of Post-Quantum Cryptography
Aug 6, 2024
|
4 Min Read
byDavid O'Berry
Factory with smokestacks against a dawn sky
ICS/OT Security
Rockwell PLC Security Bypass Threatens Manufacturing Processes
Rockwell PLC Security Bypass Threatens Manufacturing Processes
Aug 6, 2024
|
2 Min Read
byTara Seals, Managing Editor, News, Dark Reading
A person's hand holding a device, blurred binary green code overlayed on top
Mobile Security
Sophisticated Android Spyware Targets Users in Russia
Sophisticated Android Spyware Targets Users in Russia
Aug 5, 2024
|
4 Min Read
byJai Vijayan, Contributing Writer
A thief in a black ski mask stealing a laptop
Application Security
Critical Apache OFBiz Vulnerability Allows Preauth RCE
Critical Apache OFBiz Vulnerability Allows Preauth RCE
Aug 5, 2024
|
1 Min Read
byTara Seals, Managing Editor, News, Dark Reading
giant panda hidden amongst bamboo forest
Cyberattacks & Data Breaches
China's Evasive Panda Attacks ISP to Send Malicious Software Updates
China's Evasive Panda Attacks ISP to Send Malicious Software Updates
Aug 5, 2024
|
4 Min Read
byElizabeth Montalbano, Contributing Writer
Padlocks over a digital map
Vulnerabilities & Threats
Protect Data Differently for a Different World
Protect Data Differently for a Different World
Aug 5, 2024
|
5 Min Read
byDenzil Wessels, Glenn Ignazio
View of Earth from space
Cyber Risk
How Regional Regulations Shape Global Cybersecurity Culture
How Regional Regulations Shape Global Cybersecurity Culture
Aug 5, 2024
|
3 Min Read
byJoanna Huisman
Flags of Taiwan and China on cinder block background
Threat Intelligence
China's APT41 Targets Taiwan Research Institute for Cyber Espionage
China's APT41 Targets Taiwan Research Institute for Cyber Espionage
Aug 2, 2024
|
3 Min Read
byJai Vijayan, Contributing Writer
A magnified section of computer code on a screen
Vulnerabilities & Threats
Attacks on Bytecode Interpreters Conceal Malicious Injection Activity
Attacks on Bytecode Interpreters Conceal Malicious Injection Activity
Aug 1, 2024
|
4 Min Read
byRobert Lemos, Contributing Writer
A close-up of the domain name in the search bar on a monitor or laptop screen
Vulnerabilities & Threats
'Sitting Ducks' Attacks Create Hijacking Threat for Domain Name Owners
'Sitting Ducks' Attacks Create Hijacking Threat for Domain Name Owners
Aug 1, 2024
|
1 Min Read
byDark Reading Staff
Black noodles on a platae topped with tomato
Threat Intelligence
Black Basta Develops Custom Malware in Wake of Qakbot Takedown
Black Basta Develops Custom Malware in Wake of Qakbot Takedown
Aug 1, 2024
|
5 Min Read
byElizabeth Montalbano, Contributing Writer
Hands holding a white mobile device showing the Facebook login page
Cyberattacks & Data Breaches
Attackers Hijack Facebook Pages, Promote Malicious AI Photo Editor
Attackers Hijack Facebook Pages, Promote Malicious AI Photo Editor
Aug 1, 2024
|
3 Min Read
byElizabeth Montalbano, Contributing Writer
A person's hand holding a phone with Siri pulled up providing recommendations of different commands
Vulnerabilities & Threats
Siri Bug Enables Data Theft on Locked Apple Devices
Siri Bug Enables Data Theft on Locked Apple Devices
Jul 31, 2024
|
1 Min Read
byDark Reading Staff
A man looking at a laptop screen depicting survey research
Threat Intelligence
Dangerous XSS Bugs in RedCAP Threaten Academic & Scientific Research
Dangerous XSS Bugs in RedCAP Threaten Academic & Scientific Research
Jul 31, 2024
|
1 Min Read
byDark Reading Staff
Computer keyboard with a red key reading "Ransomware" in white, and a broken padlock sitting on it
Vulnerabilities & Threats
Would Making Ransom Payments Illegal Result in Fewer Attacks?
Would Making Ransom Payments Illegal Result in Fewer Attacks?
Jul 31, 2024
|
4 Min Read
byIlia Sotnikov
Shadowed hand holding a device with the word "Android" and green Google Android logo on the screen next to computer screen warning "malware"
Endpoint Security
Dynamically Evolving SMS Stealer Threatens Global Android Users
Dynamically Evolving SMS Stealer Threatens Global Android Users
Jul 31, 2024
|
4 Min Read
byElizabeth Montalbano, Contributing Writer
A sidewinder snake
Cyberattacks & Data Breaches
India-Linked SideWinder Group Pivots to Hacking Maritime Targets
India-Linked SideWinder Group Pivots to Hacking Maritime Targets
Jul 31, 2024
|
4 Min Read
byRobert Lemos, Contributing Writer
CrowdStrike logo on a cellphone sitting on a laptop
Vulnerabilities & Threats
The CrowdStrike Meltdown: A Wake-up Call for Cybersecurity
The CrowdStrike Meltdown: A Wake-up Call for Cybersecurity
Jul 30, 2024
|
5 Min Read
byArun Vishwanath
Thief in face mask stealing laptop computer
Сloud Security
Cyberattackers Accessed HealthEquity Customer Info via Third Party
Cyberattackers Accessed HealthEquity Customer Info via Third Party
Jul 30, 2024
|
4 Min Read
byTara Seals, Managing Editor, News, Dark Reading
a table showing how many vulnerabilities are being processed by NIST's NVD
Vulnerabilities & Threats
NVD Backlog Continues to Grow
NVD Backlog Continues to Grow
Jul 29, 2024
|
2 Min Read
byEdge Editors
ServiceNow logo on smartphone screen
Сloud Security
Patch Now: ServiceNow Critical RCE Bugs Under Active Exploit
Patch Now: ServiceNow Critical RCE Bugs Under Active Exploit
Jul 29, 2024
|
5 Min Read
byJai Vijayan, Contributing Writer
Statue of Greek God Zeus
Threat Intelligence
'Zeus' Hacker Group Strikes Israeli Olympic Athletes in Data Leak
'Zeus' Hacker Group Strikes Israeli Olympic Athletes in Data Leak
Jul 29, 2024
|
1 Min Read
byDark Reading Staff
Three banners in dark blue, red and light blue that say Login with Facebook, Google, and Twitter, respectively
Endpoint Security
OAuth+XSS Attack Threatens Millions of Web Users With Account Takeover
OAuth+XSS Attack Threatens Millions of Web Users With Account Takeover
Jul 29, 2024
|
5 Min Read
byElizabeth Montalbano, Contributing Writer

Editor's Choice

Heads representing AI; blues and greens on a digital background with 1s and 0s
Application Security
Creating Insecure AI Assistants With Microsoft Copilot Studio Is EasyCreating Insecure AI Assistants With Microsoft Copilot Studio Is Easy
byJeffrey Schwartz, Contributing Writer
Aug 7, 2024
4 Min Read
CrowdStrike logo seen on screen of smartphone and the word OUTAGE seen behind it
Cyber Risk
CrowdStrike Will Give Customers Control Over Falcon Sensor UpdatesCrowdStrike Will Give Customers Control Over Falcon Sensor Updates
byJai Vijayan, Contributing Writer
Aug 7, 2024
3 Min Read
Hand pointing at icon labeled SaaS; various other icons surround it
Application Security
SaaS Apps Present an Abbreviated Kill Chain for AttackersSaaS Apps Present an Abbreviated Kill Chain for Attackers
byJai Vijayan, Contributing Writer
Aug 8, 2024
4 Min Read
Reports
More Reports
White Papers
More Whitepapers
Events
More Events
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe