Charming Kitten APT Tries Spying on Israeli Cybersecurity Experts
Israel’s cyber pros are having to put theory into practice, as a notorious nation-state APT sponsored by Iran targets them with spear-phishing attacks.
WhatsApp Adds AI-Powered Message Summaries for Faster Chat Previews
Popular messaging platform WhatsApp has added a new artificial intelligence (AI)-powered feature that leverages its in-house solution Meta AI to summarize unread messages in chats. The feature, called Message Summaries, is currently rolling out in the English language to users in the United States, with plans to bring it to other regions and languages later…
And Now Malware That Tells AI to Ignore It?
Though rudimentary and largely non-functional, the wryly named “Skynet” binary could be a harbinger of things to come on the malware front.
Millions of Brother Printers Hit by Critical, Unpatchable Bug
A slew of vulnerabilities, including a critical CVSS 9.8 that enables an attacker to generate the default admin password, affect hundreds of printer, scanner, and label-maker models made by manufacturer Brother.
CISA is Shrinking: What Does it Mean for Cyber?
Dark Reading Confidential Episode 7: Cyber experts Tom Parker and Jake Williams offer their views on the practical impact of cuts to the US Cybersecurity and Infrastructure Security Agency.
nOAuth Vulnerability Still Affects 9% of Microsoft Entra SaaS Apps Two Years After Discovery
New research has uncovered continued risk from a known security weakness in Microsoft’s Entra ID, potentially enabling malicious actors to achieve account takeovers in susceptible software-as-a-service (SaaS) applications. Identity security company Semperis, in an analysis of 104 SaaS applications, found nine of them to be vulnerable to Entra ID cross-tenant nOAuth abuse. First disclosed by
Dire Wolf Ransomware Comes Out Snarling, Bites Technology, Manufacturing
The emerging group has already gotten its teeth into 16 victims since May with its double extortion tactics, claiming victims in 11 countries, including the US, Thailand, and Taiwan.
Hundreds of MCP Servers Expose AI Models to Abuse, RCE
The servers that connect AI with real-world data are occasionally wide-open channels for cyberattacks.
Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC
Citrix has released security updates to address a critical flaw affecting NetScaler ADC that it said has been exploited in the wild. The vulnerability, tracked as CVE-2025-6543, carries a CVSS score of 9.2 out of a maximum of 10.0. It has been described as a case of memory overflow that could result in unintended control…
Generative AI Exacerbates Software Supply Chain Risks
Malicious actors are exploiting AI-fabricated software components — presenting a major challenge for securing software supply chains.