[Dark Reading Virtual Event] Cybersecurity Outlook 2026

Security teams may have a less burdensome rollout in November after October’s Goliath Patch Tuesday, but shouldn’t wait on a few top-priority fixes.

The British retailer said no account passwords were compromised in last month’s cyberattack, but the company will require customers to reset passwords “for extra peace of mind.”

A threat actor with ties to Pakistan has been observed targeting various sectors in India with various remote access trojans like Xeno RAT, Spark RAT, and a previously undocumented malware family called CurlBack RAT. The activity, detected by SEQRITE in December 2024, targeted Indian entities under railway, oil and gas, and external affairs ministries, marking…

It’s the first time in two years with no zero-days. But with 137 flaws to patch, including nine critical ones, admins still have plenty of work to do.

Password manager Dashlane has disclosed that “fewer than” 20 users on the personal subscription plan had their encrypted vaults downloaded following a brute-force attack launched by an unknown party. On May 31, 2026, the company said an “external” threat actor launched a brute-force attack against certain Dashlane user accounts with the aim of breaking two-factor…