Whats The Hax?

Name That Toon Contest 1h ago ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed 5d ago Claude Fable 5 Doesn't Change the Mythos Security Story 6d ago Phishing Attack Volume Down 20%, But Risk Still Rising 6d ago Max-Severity Ivanti Flaw Exploited 24 Hours After Disclosure 6d ago Segmentation Works for OT If Operators Are Paying Attention 6d ago Chinese, N. Korean Threat Groups Build on Asia-Pacific Success 7d ago CISA Rewrites Federal Patching Requirements for AI Threat Era 7d ago Bug Bounty Research Triggers ServiceNow Security Alert 7d ago AI Risk Worries Insurers & Businesses Alike 7d ago Nightmare-Eclipse Drops Yet Another Microsoft Exploit, RoguePlanet 7d ago The Invisible Battlefield: How Cyberwar Is Reshaping Everyday Life 8d ago Blame AI: Patch Tuesday Hits Record 206 CVEs 8d ago Microsoft Exchange Flaw Lets Attackers Spoof Any Email Address 8d ago Miasma Supply Chain Worm Burrows Into 73 Microsoft Repositories 8d ago Russian Attackers Weaponize WinRAR Flaw Against Ukrainian Orgs 8d ago AI Slop Will Kill Cybersecurity Storytelling If We Let It 9d ago Silent Ransom Group Hits US Law Firms in Escalating Extortion Attacks 9d ago Check Point VPN Flaw Exploited Since Early May 9d ago Iran Signed a Ceasefire — Its Hackers Didn't 9d ago [An RX Global Event] Infosecurity Europe 16d ago Name That Toon: Mark of (Cybersecurity) Progress 19d ago Asia's Cyber Insurance Market Shows Signs of Life 19d ago With Complex Cloud Integrations, Small Errors Lead to Major Compromises 20d ago 'The Com' Cyberattacks Support Violence & Sexploitation 20d ago As Global Powers Explore Humanoid Robots, Cyber-Risk Looms 20d ago Dutch Raid Fails to Dent Russian Bulletproof Host 20d ago Agentic AI Isn't Risky; the Way Orgs Deploy It Is 20d ago Focus on Cyber Insurance: How Quantifying Risk Is Reshaping Security 21d ago BTMOB RAT Spreads Across Brazil, LatAm via MaaS Model 21d ago Nordic CISOs Handle Rising Cyber Threats Remarkably Well 21d ago Ransomware Actors Show Up In Person to Steal Law Firm Data 21d ago Latin American Cybercriminals Hoover Up Government Data 21d ago AI-Assisted Exploit Development Outpaces Scanner Detection 21d ago Cybersecurity Evolution: How We Went From Perimeter Defense to AI-Native Security 22d ago Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos 22d ago State Cyber Leaders Push Congress for More Funding, Support 22d ago Shai-Hulud Hackers TeamPCP: Lucky or Skilled? 22d ago For Enterprises, Security Remains Agentic AI's Biggest Challenge 22d ago The Boring Stuff is Dangerous Now 31d ago Can Laws Stop Deepfakes? South Korea Aims to Find Out 31d ago Congress Puts Heat on Instructure After Canvas Outage 33d ago Cyber Pioneers Ponder Past as Prologue 34d ago Taiwan Bullet Train Hack Highlights Cybersecurity Gaps in Rail Systems 34d ago SecurityScorecard Snags Driftnet to Level Up Threat Intelligence 34d ago Maximum Severity Cisco SD-WAN Bug Exploited in the Wild 34d ago 'FrostyNeighbor' APT Carefully Targets Govt Orgs in Poland, Ukraine 34d ago AI Drives Cybersecurity Investments, Widening 'Valley of Death' 35d ago Foxconn Attack Highlights Manufacturing's Cyber Crisis 35d ago Checkbox Assessments Aren't Fit to Measure Risk 35d ago Attackers Weaponize RubyGems for Data Dead Drops 35d ago Tables Turn on 'The Gentlemen' RaaS Gang With Data Leak 35d ago Dark Reading Celebrates 20 Years as a Leading Authority on Cybersecurity, Highlighting the People, Events, Ideas, and Technologies Shaping the Modern Risk Landscape 35d ago LatAm Vibe Hackers Generate Custom Hacking Tools on the Fly 36d ago China's 'FamousSparrow' APT Nests in South Caucasus Energy Firm 36d ago It's Patch Tuesday for Microsoft & Not a Zero-Day In Sight 36d ago Hugging Face Packages Weaponized With a Single File Tweak 37d ago 20 Leaders Who Built the CISO Era: 2 Decades of Change 37d ago Worm Redux: Fresh Mini Shai-Hulud Infections Bite Supply Chain 37d ago How the Story of a USB Penetration Test Went Viral 44d ago RMM Tools Fuel Stealthy Phishing Campaign 44d ago Exploit Cyber-Frenzy Threatens Millions via Critical cPanel Vulnerability 44d ago Silver Fox Springs Tax-Themed Attacks on Orgs in India, Russia 44d ago How Dark Reading Lifted Off the Launchpad in 2006 45d ago 76% of All Crypto Stolen in 2026 Is Now in North Korea 47d ago If AI's So Smart, Why Does It Keep Deleting Production Databases? 47d ago Name That Toon: Mark of (Security) Progress 48d ago 20 Years in Cyber: Dark Reading Marks Milestone With Month of Special Coverage 48d ago TeamPCP Hits SAP Packages With 'Mini Shai-Hulud' Attack 48d ago Another AI-Assisted Software Scan Yields 9-Year-Old Linux Bug 48d ago Anthropic's Mythos Has Landed: Here's What Comes Next for Cyber 48d ago Oracle Red Bull Racing Team Revs Up Automation to Boost Security 49d ago Claude Mythos Fears Startle Japan's Financial Services Sector 49d ago Reverse Engineering With AI Unearths High-Severity GitHub Bug 49d ago AI Finds 38 Security Flaws in Electronic Health Record Platform 49d ago Vect 2.0 Ransomware Acts as Wiper, Thanks to Design Error 49d ago Lotus Wiper Attack Targets Venezuelan Energy Firms, Utilities 50d ago BlueNoroff Uses Fake Zoom Calls to Turn Victims Into Attack Lures 50d ago NSA Chief During Snowden Affair Shares Regrets, Reflections 13 Years Later 50d ago Feuding Ransomware Groups Leak Each Other's Data 50d ago Vidar Rises to Top of Chaotic Infostealer Market 50d ago Fresh Wave of GlassWorm VS Code Extensions Slices Through Supply Chain 50d ago UNC6692 Combines Social Engineering, Malware, Cloud Abuse 51d ago Unpatched 'PhantomRPC' Flaw in Windows Enables Privilege Escalation 51d ago

5 reasons Microsoft 365 backup isn’t enough for business data protection 1h ago Microsoft 365 helps keep services running, but protecting and recovering business data remains your responsibility. Acronis breaks down five gaps organizations should consider when evaluating Microsoft 365 data protection. Police cleans nearly 15,000 SocGholish-infected sites tied to Evil Corp 1h ago International law enforcement agencies cleaned nearly 15,000 malware-infected WordPress websites and took down more than 100 servers linked to the SocGholish botnet and the Evil Corp Russian cybercrime group. ShapedPlugin update flow hacked to infect WordPress sites 1h ago Multiple WordPress plugins from ShapedPlugin were compromised in a supply chain attack that distributed infected releases to paying customers via the vendor's official update system. FortiBleed leak exposes Fortinet VPN credentials for 73,000 devices. 1h ago A newly discovered data leak dubbed Apple fixes Beats Studio Buds flaw that let hackers spy on conversations 1h ago Apple has released security updates to patch a high-severity flaw affecting the Beats Studio Buds wireless earbuds that could allow attackers in Bluetooth range to spy on users' conversations. Telegram admits it couldn't police exam-leak channels, India tells court 1h ago India's government has told the Delhi High Court that Telegram was warned about two weeks before it was blocked, and that the platform admitted it could not proactively detect the channels selling leaked exam papers. Telegram says it cooper... F5 issues out-of-band patches for critical NGINX vulnerabilities 2h ago Cybersecurity company F5 has released out-of-band security updates to address multiple NGINX web server vulnerabilities, including two critical-severity flaws that could allow attackers to execute code on vulnerable systems. Microsoft fixes Windows Server 2016 security update failures 3h ago Microsoft has fixed a known issue causing the June 2026 security updates to fail on Windows Server 2016 systems that weren't up to date. Leak confirms OpenAI is testing a ChatGPT for Science subscription 12h ago OpenAI appears to be testing a new subscription and experience for science use cases, but it's unclear if it'll be available to everyone regardless of their background. Google to use UK and EU user IP addresses for ad personalization 17h ago From August 3, 2026, Google will use IP addresses from UK, EEA and Switzerland users for ad measurement and personalization. It lands as the ICO weighs new consent rules, and years after Google itself called using such signals to identify d... Why Account Takeovers Are Rising and How to Stop Them 1d ago India's Telegram ban hit the UAE too. Here's how to get around it 1d ago Microsoft confirms Office apps launch issues after June updates 1d ago CISA orders feds to patch max severity Joomla plugin flaw by Friday 1d ago Microsoft working on Defender patch for RoguePlanet zero-day 1d ago

DragonForce Hackers Abuse Microsoft Teams Relays to Hide Backdoor.Turn C2 Traffic 1h ago Orphaned AI Agents: How to Find Hidden Access Risks Inside Your Network 2h ago The Scripts on Your Checkout Page Are Now a PCI DSS Problem 3h ago Crypto Clipper Campaign Abuses Fake Reviews, AI Narrators, and VirusTotal Comments 19h ago Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development 20h ago Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline 22h ago Adversarial Exposure Validation Turns Security Visibility into Confident Prioritization 23h ago Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats 1d ago The Top 10 Attack Surface Exposures in 2026 1d ago 145 Mastra npm Packages Compromised via Hijacked Contributor Account 1d ago CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution 1d ago Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting 1d ago ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures 1d ago New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds 2d ago Survey: 94% of Incidents Involve Anonymized Infrastructure. Teams Are Still Reactive 2d ago Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week 2d ago China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth 2d ago Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware 2d ago Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw 2d ago CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation 2d ago

Accenture to Acquire Majority Stake in Dragos, All of runZero, NetRise in $4.1 Billion OT Cybersecurity Push 1h ago No Exploits Required 1h ago Dream Raises $260 Million at $3 Billion Valuation 2h ago Atlassian, Splunk Patch Critical Vulnerabilities 3h ago Rokarolla Banking Trojan Targets 200 Applications 3h ago Critical Command Execution Vulnerability Patched in Cisco ISE 3h ago F5 Patches Critical, High-Severity NGINX Vulnerabilities 4h ago SailPoint to Acquire Entro in Reported $200 Million Deal 5h ago Kodak Admits Data Breach After ShinyHunters Hack Claims 6h ago Webinar Today: How Modern Breaches Bypass MFA and Evade Detection 1d ago

How to Watch the Knicks Parade on NYC Traffic Surveillance Cameras 3h ago The UK Will Scan Asylum-Seekers’ Faces for Age Checks—Despite Knowing the Tech Is Flawed 8h ago Leak Exposes Members of Peter Thiel’s Secretive ‘Dialog’ Society 1d ago ‘Dangerous’ AI Models Are Coming No Matter What 1d ago Meta Tapped a Pentagon Supplier to Prototype Face Recognition for Its Glasses 3d ago The FCC Wants to Kill Burner Phones 5d ago Grok Is Still Hosting Sexualized Deepfakes of Famous Women 6d ago Drug Sites Hijacked Spotify’s Search Ranking Through Fake Podcasts 6d ago Signal Alums Reveal ‘Encrypted Spaces,’ a System for Making Private Collaboration Apps 7d ago CISA Tells US Agencies to Fix Security Bugs in as Little as 3 Days Thanks to AI Threats 7d ago Trump Risks Key Surveillance Authority Over ‘Unqualified’ Spy-Chief Pick 7d ago Wrongful Arrest Exposes Failures in One of the Oldest Police Face-Recognition Tools in the US 8d ago Mapping Every Flock License Plate Reader Near US World Cup Stadiums 8d ago Soccer Fans, You’re Being Watched 8d ago Amnesty International Warns That World Cup Fans Face Potential Human Rights Violations 8d ago Anthropic Offers Mythos Upgrade for Cyber Partners and a ‘Safe’ Version for the Rest of You 8d ago Meta Deletes Face-Recognition System From Its Smart Glasses App After WIRED Report 9d ago All the Ways Europe Is Ditching American Technology 10d ago Crypto-Funded Chinese Peptide Labs Are Booming 12d ago Meta Silently Added Face-Recognition Code for Its Smart Glasses to Millions of Phones 13d ago

Hostile states behind three-quarters of attacks on Britain's critical infrastructure, cyber chief warns 20h ago EU grants Ukraine access to cybersecurity reserve for major attacks 21h ago Warner warns of CISA cuts, staffing gaps in letter to acting chief 1d ago India's Telegram ban draws criticism from Durov as company challenges order in court 1d ago GitHub dismissed security reports on flaws now exploited by supply-chain worm, researchers say 1d ago

A case for how to shape ‘ingredient lists’ for AI models 1d ago Google exposes China espionage group that’s been lurking in networks undetected since 2023 2d ago Cybersecurity experts don’t think Anthropic’s Fable 5 presents a unique threat 2d ago Anthropic disables new models after government calls them a national security concern 4d ago FBI takes down massive China-based cybercrime network that caused $1.9B in losses 5d ago US, France, and Italian authorities shut down massive deepfake porn site 5d ago Conti ransomware group member pleads guilty, faces up to 20 years in prison 5d ago ShinyHunters is actively extorting universities after exploiting an unpatched Oracle flaw 5d ago CyberCorps is adapting to AI. The budget isn’t keeping up. 6d ago Russian national charged in connection with Void Blizzard espionage campaign 6d ago OpenAI: ‘Likely’ Chinese influence operation tried to use ChatGPT to stir debate on data centers 7d ago CISA directive orders agencies to prioritize vulnerability patching in a new way 7d ago Microsoft breaks Patch Tuesday record with 206 vulnerabilities 8d ago Anthropic’s new model is Mythos on a leash 8d ago CISA is rethinking how it prioritizes risks and vulnerabilities for feds, private sector 8d ago Cisco customers encounter another SD-WAN zero-day under attack 9d ago Meta accuses NSO Group of defying spyware injunction, files contempt of court complaint 9d ago The AI security race needs accountability, not overregulation 10d ago Nightmare Eclipse incident shows the researcher-vendor fights may never fully go away 12d ago Hill Dems hammer GOP for $250M CISA budget cut 13d ago Your AI agent could become your biggest insider threat 13d ago Inside the race to adapt to an AI-powered security world 13d ago European authorities crack down on illegal streaming networks 14d ago DHS Secretary Markwayne Mullin pinpoints optimal CISA staffing levels 14d ago DOD wants to integrate cyber in all operations, and integrate security into AI 15d ago Trump administration releases scaled-back AI executive order 15d ago Anthropic expanding access to Project Glasswing 15d ago Attackers are exploiting Palo Alto Networks defect that initially flew under the radar 16d ago Tina Peters, convicted in election-security breach, emerges defiant and vows legal fight 16d ago USPS moving forward with mail-in ballot changes as courts weigh Trump’s election order 16d ago Election threats are focused on campaign systems, not voting machines 17d ago Tennessee man linked to 764 accused of series of crimes against children dating back to 2022 19d ago Federal audit reveals NIST’s NVD is plagued by poor planning and duplication 19d ago House panel poised to hold hearing centered on AI impact on cyber 20d ago Google security engineer accused of turning confidential search trends into $1.2M win on Polymarket 20d ago Zapier fixes bug chain that researchers say risked widespread account takeover 21d ago OpenAI heralds cybersecurity, election interference safeguard plans for 2026 midterms 21d ago FBI warns US-based law firms to be on the lookout for cybercrime group that steals data in person 21d ago UK spy chief labels AI ‘unstoppable force’ with offensive, defensive ramifications for cyberspace 21d ago CrowdStrike disrupts Glassworm botnet that preyed on open-source supply chain 22d ago Apple open-sources quantum-resistant encryption code 22d ago Alleged leader of Kimwolf, a sweeping botnet for cybercriminals, arrested in Canada 27d ago Lawmakers from both parties say CISA cuts have gone too far 27d ago Trump postpones executive order focused on AI security 27d ago CISA chief frets about open-source vulnerabilities, delayed security improvements 27d ago European authorities take down prolific cybercrime VPN service 27d ago The readiness paradox: Why a false sense of cyber confidence is becoming a liability 28d ago Meet Rampart and Clarity, Microsoft’s new red team combo AI agents 28d ago GitHub says internal repositories were impacted in poisoned VS Code extension attack 28d ago CISA credential leak raises alarms, and Capitol Hill demands answers 29d ago Attackers hit vulnerabilities hard last year, making exploits the top entry point for breaches 29d ago Mini Shai-Hulud returns, compromising hundreds of npm packages 29d ago Microsoft disrupts cybercrime service that abused software verification systems en masse 29d ago AI might cut false positives, but it won’t stop the slop 30d ago Interpol leads cybercrime crackdown across 13 countries in Middle East, North Africa 30d ago The Canvas breach proved that prevention is no longer enough 31d ago Former CISA nominee Sean Plankey named US CEO of defense startup 31d ago Colorado governor commutes prison sentence for election denier Tina Peters 33d ago Here’s how the FTC plans to enforce the Take It Down Act 33d ago Cisco zero-day under ongoing attack by persistent threat group 34d ago Pentagon cyber official calls advanced AI ‘revolutionary warfare’ 34d ago White House cyber official: identity security matters more than ever in the age of AI 34d ago Major tech manufacturer Foxconn confirms cyberattack hit North American factories 34d ago Researchers say AI just broke every benchmark for autonomous cyber capability 35d ago Closed briefing sets stage for House hearing on Anthropic’s Mythos and cyber risks 35d ago DOJ releases legal rationale for nationwide voter data collection 35d ago Weaponized AI: The new frontier of fraud and identity spoofing 35d ago Daybreak is OpenAI’s answer to the AI arms race in cybersecurity 35d ago ‘Mini Shai-Hulud’ malware compromises hundreds of open-source packages in sprawling supply-chain attack 36d ago Major world economies spell out key elements of AI ‘ingredients list’ 36d ago Microsoft addresses 137 vulnerabilities in May’s Patch Tuesday, including 13 rated critical 36d ago Google and Amnesty International teamed up to make it harder for spyware vendors to hide 36d ago AI is separating the companies built to scale from the ones built to sell 37d ago Instructure claims hackers returned stolen Canvas data after an extortion standoff 37d ago Google spotted an AI-developed zero-day before attackers could use it 38d ago The missing cybersecurity leader in small business 38d ago Sen. Schumer seeks DHS plan on AI cyber coordination with state, local governments 40d ago ShinyHunters claims nearly 9,000 schools affected by Canvas data breach 41d ago Flaw in Claude’s Chrome extension allowed ‘any’ other plugin to hijack victims’ AI 41d ago Ivanti customers confront yet another actively exploited zero-day 41d ago Trump officials are steering a cybersecurity scholarship program toward AI 41d ago American duo sentenced for hosting laptop farms for North Korean IT workers 42d ago One House Democrat is pressing Commerce on the government’s spyware use 42d ago A DOD contractor’s API flaw exposed military course data and service member records 42d ago A critical Palo Alto PAN-OS zero-day is being exploited in the wild 42d ago

Who Runs the Ransomware Group ‘The Gentlemen?’ 8d ago A cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool of hackers through an aggressive recruitment strategy that promises affiliates 90 percent of... A Record-Breaking Patch Tuesday for June 2026 8d ago Microsoft today released software updates to plug nearly 200 security holes across its Windows operating systems and supported software, a record number of fixes for the company's monthly Patch Tuesday cycle. Nearly three dozen of those bug... Hackers Used Meta’s AI Support Bot to Seize Instagram Accounts 16d ago The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian images and messages over the weekend, after instructions began circulating on Telegram showing how ... Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks 24d ago Authorities in the Netherlands have arrested the co-owners of two related Internet hosting companies for operating IT infrastructure used by Russia to carry out cyberattacks, influence operations and disinformation campaigns inside the Euro... Lawmakers Demand Answers as CISA Tries to Contain Data Leak 26d ago Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity reported this week that a CISA contractor intentionally published AWS GovCloud keys and a v... Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada 27d ago Canadian authorities on Wednesday arrested a 23-year-old Ottawa man on suspicion of building and operating Kimwolf, a fast spreading Internet-of-Things botnet that enslaved millions of devices for use in a series of massive distributed deni... CISA Admin Leaked AWS GovCloud Keys on Github 30d ago Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of inte... Patch Tuesday, May 2026 Edition 36d ago Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code. That reality is on full display this m... Canvas Breach Disrupts Schools & Colleges Nationwide 41d ago An ongoing data extortion attack targeting the widely-used education technology platform Canvas disrupted classes and coursework at school districts and universities across the United States today, after a cybercrime group defaced the servi... Anti-DDoS Firm Heaped Attacks on Brazilian ISPs 49d ago A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks against other network operators in Brazi...