Guides, playbooks, and learning resources to level up your cybersecurity knowledge and keep your organization secure.
APT28 exploits SOHO routers for global DNS hijacking and adversary-in-the-middle attacks, enabling credential theft and espionage.
The cybersecurity response to AI-enabled nation-state threats cannot be incremental. It must be architectural.
The startup has created a layered security solution aiming to secure AI agents throughout their entire lifecycle.
An international operation from law enforcement authorities in partnership with private companies has disrupted FrostArmada, an APT28 campaign hijacking local traffic from MikroTik and TP-Link routers to steal Microsoft account credentials.
The improper validation of user-supplied JavaScript code allows attackers to execute arbitrary code and access the file system.
Docker CVE-2026-34040 enables AuthZ bypass via padded requests, risking host compromise; fixed in version 29.3.1.
Dark Reading's Kelly Jackson Higgins shares insights on the past, present, and future of cybersecurity after attending RSAC 2026 Conference.
As AI dominated RSAC 2026, CISOs and industry leaders debated its role in security, from agentic applications to the challenges of scaling human involvement in decision-making.
A panel of five C-suite leaders discuss how cybersecurity success is measured and why it isn't improving results.
A critical DoS vulnerability in the Framework component of Android has also been fixed with the latest update.
Automated pentesting tools deliver strong early results, then quickly plateau. Picus Security explains how the "PoC cliff" leaves major attack surfaces untested and creates a dangerous validation gap.
By targeting Grafana’s AI components, attackers can point to external resources and inject indirect prompts to bypass safeguards.
