Hackers Steal 4M+ TransUnion Customers’ Data
The credit reporting agency said the breach was “limited to specific data elements” and didn’t include credit reports or core credit information.
Akira, Clop Top List of 5 Most Active Ransomware-as-a-Service Groups
Flashpoint published its 2025 mid-year ransomware report that highlighted the top five most prolific groups currently in operation.
1,000+ Devs Lose Their Secrets to an AI-Powered Stealer
One of the most sophisticated supply chain attacks to date caused immense amounts of data to leak to the Web in a matter of hours.
Dark Reading Confidential: A Guided Tour of Today’s Dark Web
Dark Reading Confidential Episode 9: Join us for a look around today’s Dark Web, and find out how law enforcement, AI, nation-state activities, and more are reshaping the way cybercriminals conduct their dirty business online. Keith Jarvis, senior security researcher at Sophos’ Counter Threat Unit joins Dark Reading’s Alex Culafi for a conversation you don’t…
Researchers Find VS Code Flaw Allowing Attackers to Republish Deleted Extensions Under Same Names
Cybersecurity researchers have discovered a loophole in the Visual Studio Code Marketplace that allows threat actors to reuse names of previously removed extensions. Software supply chain security outfit ReversingLabs said it made the discovery after it identified a malicious extension named “ahbanC.shiba” that functioned similarly to two other extensions – ahban.shiba and ahban.cychelloworld –
CISA’s New SBOM Guidelines Get Mixed Reviews
Updated SBOM rules from CISA are a solid step toward making them more useful for cyber defenders but don’t address many critical needs, experts say.
Salt Typhoon Exploits Cisco, Ivanti, Palo Alto Flaws to Breach 600 Organizations Worldwide
The China-linked advanced persistent threat (APT) actor known as Salt Typhoon has continued its attacks targeting networks across the world, including organizations in the telecommunications, government, transportation, lodging, and military infrastructure sectors. “While these actors focus on large backbone routers of major telecommunications providers, as well as provider edge (PE) and
Defend what matters: Introducing Sophos Endpoint for Legacy Platforms
Comprehensive endpoint security for critical systems
Webinar: Why Top Teams Are Prioritizing Code-to-Cloud Mapping in Our 2025 AppSec
Picture this: Your team rolls out some new code, thinking everything’s fine. But hidden in there is a tiny flaw that explodes into a huge problem once it hits the cloud. Next thing you know, hackers are in, and your company is dealing with a mess that costs millions. Scary, right? In 2025, the average…
Hidden Vulnerabilities of Project Management Tools & How FluentPro Backup Secures Them
Every day, businesses, teams, and project managers trust platforms like Trello, Asana, etc., to collaborate and manage tasks. But what happens when that trust is broken? According to a recent report by Statista, the average cost of a data breach worldwide was about $4.88 million. Also, in 2024, the private data of over 15 million…