As Incidents Rise, Japanese Government’s Cybersecurity Falls Short
The Japanese government suffered the most cybersecurity incidents in 2024 — 447, nearly double the previous year — while failing to manage 16% of critical systems.
GitHub Aims to Secure Supply Chain as NPM Hacks Ramp Up
GitHub will address weak authentication and overly permissive tokens in the NPM ecosystem, following high-profile threat campaigns like those involving Shai-Hulud malware.
Exposed Docker Daemons Fuel DDoS Botnet
The for-hire platform leverages legitimate cloud-native tools to make detection and disruption harder for defenders and SOC analysts.
From FBI to CISO: Unconventional Paths to Cybersecurity Success
Cybersecurity leader Jason Manar shares insights on diverse career paths, essential skills, and practical advice for entering and thriving in the high-stress yet rewarding field of cybersecurity.
Dark Reading Confidential: Battle Space: Cyber Pros Land on the Front Lines of Protecting US Critical Infrastructure
Dark Reading Confidential Episode 10: It’s past time for a comprehensive plan to protect vital US systems from nation-state cyberattacks, and increasingly, that responsibility is falling to asset owners across a vast swath of organizations, who likely never bargained for an international cyber conflict playing out in their environments. But here we are. And here’s…
Two New Supermicro BMC Bugs Allow Malicious Firmware to Evade Root of Trust Security
Cybersecurity researchers have disclosed details of two security vulnerabilities impacting Supermicro Baseboard Management Controller (BMC) firmware that could potentially allow attackers to bypass crucial verification steps and update the system with a specially crafted image. The medium-severity vulnerabilities, both of which stem from improper verification of a cryptographic signature, are
Eurojust Arrests 5 in €100M Cryptocurrency Investment Fraud Spanning 23 Countries
Law enforcement authorities in Europe have arrested five suspects in connection with an “elaborate” online investment fraud scheme that stole more than €100 million ($118 million) from over 100 victims in France, Germany, Italy, and Spain. According to Eurojust, the coordinated action saw searches in five places across Spain and Portugal, as well as in…
Iran-Linked Hackers Target Europe With New Malware
“Nimbus Manticore” is back at it, this time with improved variants of its flagship malware and targets that are outside its usual focus area.
Attackers Use Phony GitHub Pages to Deliver Mac Malware
Threat actors are using a large-scale SEO poisoning campaign and fake GitHub repositories to deliver Atomic infostealers to Mac users.
ComicForm and SectorJ149 Hackers Deploy Formbook Malware in Eurasian Cyberattacks
Organizations in Belarus, Kazakhstan, and Russia have emerged as the target of a phishing campaign undertaken by a previously undocumented hacking group called ComicForm since at least April 2025. The activity primarily targeted industrial, financial, tourism, biotechnology, research, and trade sectors, cybersecurity company F6 said in an analysis published last week. The attack chain involves