-
Telecommunications organizations in Southeast Asia have been targeted by a state-sponsored threat actor known as CL-STA-0969 to facilitate remote control over compromised networks. Palo Alto Networks Unit 42 said it observed multiple incidents in the region, including one aimed at critical telecommunications infrastructure between February and November 2024. The attacks are characterized by the …
-
Cybersecurity researchers have flagged a previously undocumented Linux backdoor dubbed Plague that has managed to evade detection for a year. “The implant is built as a malicious PAM (Pluggable Authentication Module), enabling attackers to silently bypass system authentication and gain persistent SSH access,” Nextron Systems researcher Pierre-Henri Pezier said. Pluggable Authentication Modules Read…
-
SonicWall SSL VPN devices have become the target of Akira ransomware attacks as part of a newfound surge in activity observed in late July 2025. “In the intrusions reviewed, multiple pre-ransomware intrusions were observed within a short period of time, each involving VPN access through SonicWall SSL VPNs,” Arctic Wolf Labs researcher Julian Tuin said…
-
Dark Reading’s 2025 News Desk marks a decade of Black Hat USA memories. We’re making our return with a slate of interviews that help you stay up on the latest research from Black Hat — no trip to Las Vegas required. Read More
-
Cybersecurity researchers have disclosed a now-patched, high-severity security flaw in Cursor, a popular artificial intelligence (AI) code editor, that could result in remote code execution. The vulnerability, tracked as CVE-2025-54135 (CVSS score: 8.6), has been addressed in version 1.3 released on July 29, 2025. It has been codenamed CurXecute by Aim Labs, which previously disclosed EchoLeak.…
-
Security debt ahoy: Only about half of the code that the latest large language models (LLMs) create is cybersecure, and more and more of it is being created all the time. Read More
-
_Yee_Xin_Tan_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
By creating a safe environment for open discussion, prioritizing human context alongside technical data, and involving diverse stakeholders, organizations can turn security incidents into accelerators of resilience. Read More
-
Forget gullible old people — Gen Z is the most at-risk age group on the Web. Older folks might want to ignore it, but employers are likely to feel the brunt. Read More
-
The fall of RansomHub led to a major consolidation of the ransomware ecosystem last quarter, which was a boon for the DragonForce and Qilin gangs. Read More
-
The ransomware gang claims to have stolen 3.5TB of data, and told the technology distributor to pay up or suffer a data breach. Read More