Moving CVEs past one-nation control
A near-miss episode of attempted defunding spotlights a need for a better way
A near-miss episode of attempted defunding spotlights a need for a better way
Related
Critical Infrastructure Under Siege: OT Security Still Lags
With critical infrastructure facing constant cyber threats from the Typhoons and other corners, federal agencies and others are warning security for the OT network, a core technology in many critical sectors, is not powered up enough.
OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks
OpenAI on Tuesday said it disrupted three activity clusters for misusing its ChatGPT artificial intelligence (AI) tool to facilitate malware development. This includes a Russian‑language threat actor, who is said to have used the chatbot to help develop and refine a remote access trojan (RAT), a credential stealer with an aim to evade detection. The…
New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released
Two high-severity security vulnerabilities have been disclosed in Composer, a package manager for PHP, that, if successfully exploited, could result in arbitrary command execution. The vulnerabilities have been described as command injection flaws affecting the Perforce VCS (version control software) driver. Details of the two flaws are below – CVE-2026-40176 (CVSS
Hacking the Hackers: When Bad Guys Let Their Guard Down
A string of threat-actor OpSec failures have yielded unexpected windfalls for security researchers and defenders.
Cybersecurity Evolution: How We Went From Perimeter Defense to AI-Native Security
The cybersecurity industry of 2006 barely resembled today’s billion-dollar behemoth. As part of Dark Reading’s 20th anniversary celebration, we trace the industry’s evolution through a technology lens.
Empowering Rural Education: Sophos India’s Volunteering Initiative
Transforming Futures: How Sophos India’s volunteers are driving education and hope in rural communities.