From Stuxnet to ChatGPT: 20 News Events That Shaped Cyber
As part of its 20th anniversary celebration, Dark Reading looks back on 20 of the biggest newsmaking events from the past two decades that influenced the risk landscape for today's cybersecurity teams.
Instructure Breach Exposes Schools' Vendor Dependence
ShinyHunters' attack on Instructure, which owns the widely used Canvas learning management system (LMS), carries big questions about the trust educational institutions put into their vendors.
VoidStealer Malware Darts Past Google Chrome's Encryption
Authors of the VoidStealer Trojan uncovered yet another way to get around Google's App-Bound Encryption (ABE), opening the door to infostealers.
AI-Driven Cyberattack on Mexico Couldn't Breach OT Systems
What researchers dubbed the most sophisticated AI-integrated ICS campaign to date hit a brick wall in the form of a SCADA login screen.
'TrustFall' Convention Exposes Claude Code Execution Risk
Malicious repositories can trigger code execution in Claude Code, Cursor CLI, Gemini CLI, and CoPilot CLI with minimal or no user interaction, thanks to skimpy warning dialogs.
Has CISA Finally Found Its New Leader in Tom Parker?
Dark Reading investigates rumors that Tom Parker, a board room "operator" and longtime cyber exec, could be next in line to take over CISA.
After Replacing TeamPCP Malware, 'PCPJack' Steals Cloud Secrets
PCPJack makes innovative use of parquet files for stealthy, pre-validated target discovery as it canvasses multiple cloud environments.
ShinyHunters Claims Second Attack Against Instructure
The edtech company is struggling to wrest control from its hackers. PII belonging to hundreds of millions of people is on the line.
Cyber Espionage Group Targets Aviation Firms to Steal Map Data
The campaign quietly compromises aerospace and drone operators to exfiltrate GIS files, terrain models, and GPS data and gain a clear picture of adversaries' world view.
Hackers Use AI for Exploit Development, Attack Automation
Cyber adversaries have long used AI, but now attackers are using large language models to develop exploits and orchestrate complex attacks.
'Dirty Frag' Exploit Poised to Blow Up on Enterprise Linux Distros
The privilege escalation vulnerability, which is similar to other Linux flaws like Copy Fail and Dirty Pipe, may already be under limited exploitation.
Tech Can't Stop These Threats — Your People Can
Security controls can do only so much. Here are four attacks where your employees are usually your first, and only, line of cyber defense.