Blog

Hamas’s best hackers have been maturing, building better malware, and spreading their attacks more widely across the region.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a high-severity security flaw impacting OSGeo GeoServer to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation in the wild. The vulnerability in question is CVE-2025-58360 (CVSS score: 8.2), an unauthenticated XML External Entity (XXE) flaw that affects all versions prior…

Financial institutions need to be proactive when identifying and mentally preventing fraudulent activity. Here’s what to watch f for .

Dark Reading will continue to publish Tech Talks and Ask the Expert pieces in the Commentary section. Read on for submission guidelines.

A month with no Critical-severity Windows bugs is overshadowed by a mass of Mariner mop-up

Wiz disclosed a still-unpatched vulnerability in self-hosted Git service Gogs, which is a bypass for a previous RCE bug disclosed last year.

The availability of exploit code will likely lead to more widespread opportunistic attacks

#1 Ranked in 66 Global Reports

Using artificial intelligence in operational technology environments could be a bumpy ride full of trust issues and security challenges.

This week’s cyber stories show how fast the online world can turn risky. Hackers are sneaking malware into movie downloads, browser add-ons, and even software updates people trust. Tech giants and governments are racing to plug new holes while arguing over privacy and control. And researchers keep uncovering just how much of our digital life…