Dark Reading

Dark Reading, a leading destination for cybersecurity news, has become the go-to online community for security experts. Our members include top security researchers, Chief Information Security Officers (CISOs), and tech specialists, along with thousands of other professionals in the field. We invite you to be part of this vibrant community.

International, Trade/B2B

English

Online/Digital

Outlet metrics

Domain Authority

Ranking

Global

#101079

United States

#51568

Computers Electronics and Technology/Computers Electronics and Technology

#1208

Traffic sources

Monthly visitors

Articles

Could Ransomware Survive Without Cryptocurrency?

5 days ago | darkreading.com | Arielle Waldman

Ransomware has become synonymous with cryptocurrency, but factors such as poor cyber hygiene and organizations' willingness to pay ransoms are what fuel the threat. The number of recorded attacks and victims continues to climb following record-setting years for ransomware activity throughout 2023 and 2024. And the first few months of 2025 are on track to continue the upward trajectory. The pervasive threat has evolved significantly since the first recorded ransomware attack in 1989.
CISA Weighs In on Alleged Oracle Cloud Breach

5 days ago | darkreading.com | Kristina Beek

NEWS BRIEFThe Cybersecurity and Infrastructure Security Agency (CISA) has released an advisory recommending that organizations and individuals take steps to reduce risks associated with the potential compromise of a legacy Oracle cloud environment. In late March, researchers at CloudSek reported an alleged data breach involving a hacker stealing 6 million records from Oracle Cloud due to a compromised WebLogic zero-day flaw.
Apple Zero Days Under 'Sophisticated Attack,' but Details Lacking

5 days ago | darkreading.com | Rob Wright

Two Apple zero-day vulnerabilities were exploited in "extremely sophisticated attacks," according to the technology giant, but it has provided little detail on the threats. Researchers say Apple's signature lack of detail on such matters is a roadblock for building adequate cyber defenses.
PromptArmor Launches to Help Assess, Monitor Third-Party AI Risks

6 days ago | darkreading.com | Arielle Waldman

Artificial intelligence (AI) adoption is not slowing down, but it is creating heightened security risks for enterprises of all sizes. Mounting concerns, some new and some previously documented, are paving the way for new players to make their mark in AI security. PromptArmor, an AI security startup that officially launched earlier this month, says it can help organizations assess and monitor risks posed by AI in vendors.
Phones Pre-Downloaded With Malware Target Crypto Wallets

6 days ago | darkreading.com | Kristina Beek

Cheap android smartphones from Chinese manufacturers are carrying malware-ridden applications that imitate WhatsApp and Telegram and come preloaded on the devices. The Trojanized apps masquerade as their legitimate counterparts and contain functionality designed to steal cryptocurrency via clipping. The clippers copy wallet addresses before swapping it with the attacker's own.
CVE Program Cuts Send the Cyber Sector Into Panic Mode

6 days ago | darkreading.com | Becky Bracken

In keeping with the current administration's pledge to skinny down government to its skeletal remains, the Cybersecurity and Infrastructure Security Agency (CISA) was reportedly prepared to let its contract with MITRE to manage the Common Vulnerabilities and Exposures (CVE) program expire on April 16.
NIST Updates Privacy Framework With AI and Governance Revisions

1 week ago | darkreading.com | Arielle Waldman

The National Institute of Standards and Technology (NIST) updated its Privacy Framework to be more in line with its Cybersecurity Framework as the two becoming increasingly intertwined. The Cybersecurity Framework received its own update in February 2024. Organizations are increasingly using, storing, and sharing personal information—including highly sensitive data.
Multiple Groups Exploit NTLM Flaw in Microsoft Windows

1 week ago | darkreading.com | Jai Vijayan

Multiple attackers are actively exploiting a recently patched Windows vulnerability that exposes authentication credentials, despite Microsoft releasing a fix for it in March. CVE-2025-24054 is an NTLM (for NT LAN Manager) hash disclosure spoofing vulnerability that Microsoft identified as being of moderate severity and something that attackers were less likely to exploit, even though it requires only minimal user interaction to trigger.
China-Linked Hackers Lay Brickstorm Backdoors

1 week ago | darkreading.com | Rob Wright

New versions of a backdoor associated with a China-linked threat group were spotted inside the networks of European organizations. Researchers at Nviso, a Belgian cybersecurity startup, identified Windows-based variants of a backdoor known as Brickstorm.
NVDIA Flaws Expose AI Models, Critical Infrastructure

1 week ago | darkreading.com | Elizabeth Montalbano

Researchers are urging enterprises that rely on NVIDIA GPUs for their artificial intelligence (AI) workloads to ensure that systems are patched against critical security vulnerabilities in an NVIDIA toolkit for running GPU-accelerated containers. If exploited, the bugs can allow attackers to gain access to sensitive data, steal proprietary AI models, or create operational disruptions.