In this latest installment of the Reporters’ Notebook video series, we discuss how cyber insurance is forcing organizations to quantify risk, what’s covered (and what’s not), and why this could be the best thing to happen to cybersecurity.
State of AI Usage Report 2026 (full report here) by LayerX Security reveals the extent of the enterprise AI visibility gap and why most organizations still don’t understand where their AI exposure is actually coming from. The research shows that enterprise AI risk is not distributed evenly across users or platforms. Instead, it is heavily…
A new campaign orchestrated by a previously undocumented threat actor has targeted cryptocurrency organizations with an aim to facilitate digital asset theft using recruitment-themed social engineering and bespoke macOS malware. “These campaigns leveraged sophisticated social engineering techniques, custom macOS malware, and deep targeting of CI/CD infrastructure,” Wiz researchers Shira Ayal,
Artificial intelligence notwithstanding, the vast majority of CISOs in northern Europe say they’re facing no more serious cyberattacks than they did two years ago.
The FBI warned that the extortion gang Silent Ransom Group is targeting law firms and socially engineering its way into servers and databases.
A purported leak exposing 5.8 million records of Uruguayan citizens is the latest incident where cybercriminals targeted government agencies to monetize citizen data.
Attackers are using AI to dramatically reduce the time they need to develop a working exploit for a CVE, according to new research.
Latin America and Europe become the target of two banking trojan campaigns that are designed to infect Windows and Android devices with Grandoreiro and BTMOB malware, respectively. That’s according to new findings from WatchGuard and ESET, which have observed the two malware families being used to single out companies in Spain, Portugal, and Mexico, as…
The cybersecurity industry of 2006 barely resembled today’s billion-dollar behemoth. As part of Dark Reading’s 20th anniversary celebration, we trace the industry’s evolution through a technology lens.
CrowdStrike, in partnership with Google and the Shadowserver Foundation, has announced the simultaneous disruption of all command-and-control (C2) channels associated with GlassWorm, a persistent software chain campaign targeting software developers through malicious packages and extensions. “Since at least early 2025, GlassWorm operators have systematically targeted software developers, a