Dark Reading
@darkreading.bsky.social
One of the most widely read and trusted cybersecurity news sites, providing IT security professionals informed insights into the latest news and trends.
Shai-hulud: The Hidden Cost of Supply Chain Attacks: https://bit.ly/3NZ4itf by Alex Culafi
Shai-hulud: The Hidden Cost of Supply Chain Attacks
Recent supply chain attacks involving self-propagating worms have spread far, but the damage and long-term impact is hard to quantify.
bit.ly
February 6, 2026 at 9:22 PM
Shai-hulud: The Hidden Cost of Supply Chain Attacks: https://bit.ly/3NZ4itf by Alex Culafi
OpenClaw's Gregarious Insecurities Make Safe Usage Difficult: https://bit.ly/3M83iT5 by Robert Lemos
OpenClaw's Gregarious Insecurities Make Safe Usage Difficult
Malicious "skills" and persnickety configuration are just a few issues that security researchers have found when installing the OpenClaw AI assistant.
bit.ly
February 6, 2026 at 9:21 PM
OpenClaw's Gregarious Insecurities Make Safe Usage Difficult: https://bit.ly/3M83iT5 by Robert Lemos
Latest on @darkreading.bsky.social
#DRTheEdge: "Encrypt It Already" Campaign Pushes Big Tech to Prioritize E2E Encryption https://zpr.io/cttbj2iWHKrJ #darkreading #cybersecurity
#DRTheEdge: "Encrypt It Already" Campaign Pushes Big Tech to Prioritize E2E Encryption https://zpr.io/cttbj2iWHKrJ #darkreading #cybersecurity
"Encrypt It Already" Campaign Pushes Big Tech to Prioritize E2E Encryption
The Electronic Frontier Foundation is urging major technology companies to follow through on their promises to implement end-to-end encryption by default across their services, as privacy concerns mount amid increased AI use.
zpr.io
February 6, 2026 at 6:05 PM
Latest on @darkreading.bsky.social
#DRTheEdge: "Encrypt It Already" Campaign Pushes Big Tech to Prioritize E2E Encryption https://zpr.io/cttbj2iWHKrJ #darkreading #cybersecurity
#DRTheEdge: "Encrypt It Already" Campaign Pushes Big Tech to Prioritize E2E Encryption https://zpr.io/cttbj2iWHKrJ #darkreading #cybersecurity
Latest on @darkreading.bsky.social
#DRTechnology: Data Tool to Triage Exploited Vulnerabilities Can Make KEV More Useful https://zpr.io/GzDPPq8L59Dc #darkreading #cybersecurity
#DRTechnology: Data Tool to Triage Exploited Vulnerabilities Can Make KEV More Useful https://zpr.io/GzDPPq8L59Dc #darkreading #cybersecurity
Data Tool to Triage Exploited Vulnerabilities Can Make KEV More Useful
A disconnect exists between the organization's cybersecurity needs and lists like CISA's KEV Catalog. KEV Collider combines data from multiple open-source vulnerability frameworks to help security teams quickly assess which are important, based on their priorities.
zpr.io
February 6, 2026 at 1:21 PM
Latest on @darkreading.bsky.social
#DRTechnology: Data Tool to Triage Exploited Vulnerabilities Can Make KEV More Useful https://zpr.io/GzDPPq8L59Dc #darkreading #cybersecurity
#DRTechnology: Data Tool to Triage Exploited Vulnerabilities Can Make KEV More Useful https://zpr.io/GzDPPq8L59Dc #darkreading #cybersecurity
Latest on @darkreading.bsky.social DR Technology: Data Tool to Triage Exploited Vulnerabilities Can Make KEV More Useful https://zpr.io/GzDPPq8L59Dc #DRTechnology #darkreading #cybersecurity
Data Tool to Triage Exploited Vulnerabilities Can Make KEV More Useful
A disconnect exists between the organization's cybersecurity needs and lists like CISA's KEV Catalog. KEV Collider combines data from multiple open-source vulnerability frameworks to help security teams quickly assess which are important, based on their priorities.
zpr.io
February 6, 2026 at 1:20 PM
Latest on @darkreading.bsky.social DR Technology: Data Tool to Triage Exploited Vulnerabilities Can Make KEV More Useful https://zpr.io/GzDPPq8L59Dc #DRTechnology #darkreading #cybersecurity
Cyber Success Trifecta: Education, Certifications & Experience: https://bit.ly/4r6DZ2U by Kristina Beek #DRTheEdge
Cyber Success Trifecta: Education, Certifications & Experience
Colonel Georgeo Xavier Pulikkathara, CISO at iMerit discusses the importance of fundamentals, continuous learning, and human ingenuity.
bit.ly
February 5, 2026 at 9:35 PM
Cyber Success Trifecta: Education, Certifications & Experience: https://bit.ly/4r6DZ2U by Kristina Beek #DRTheEdge
Protests Don't Impede Iranian Spying on Expats, Syrians, Israelis: https://bit.ly/4a26QiU by Nate Nelson #DRGlobal
Protests Don't Impede Iranian Spying on Expats, Syrians, Israelis
Iranian threat actors have been stealing credentials from people of interest across the Middle East, using spear-phishing and social engineering.
bit.ly
February 5, 2026 at 9:34 PM
Protests Don't Impede Iranian Spying on Expats, Syrians, Israelis: https://bit.ly/4a26QiU by Nate Nelson #DRGlobal
Extra Extra! Announcing DR Global Latin America: https://bit.ly/4axpeAb by Tara Seals
Extra! Extra! Announcing DR Global Latin America
Dark Reading has something new hitting newsstands: a content section purpose-built for LatAm readers, featuring news, analysis, features, and multimedia.
bit.ly
February 4, 2026 at 10:09 PM
Extra Extra! Announcing DR Global Latin America: https://bit.ly/4axpeAb by Tara Seals
Attackers Use Windows Screensavers to Drop Malware, RMM Tools: https://bit.ly/4cc7Lyt by Alexander Culafi
Attackers Use Windows Screensavers to Drop Malware, RMM Tools
By tapping the unusual .scr file type, attackers leverage "executables that don't always receive executable-level controls," one researcher noted.
bit.ly
February 4, 2026 at 9:58 PM
Attackers Use Windows Screensavers to Drop Malware, RMM Tools: https://bit.ly/4cc7Lyt by Alexander Culafi
Big Breach or Smooth Sailing? Mexican Gov't Faces Leak Allegations: https://bit.ly/4awohIp by Rob Lemos #DRGlobal
Big Breach or Smooth Sailing? Mexican Govt Faces Leak Allegations
Hacktivist group claims a 2.3-terabyte data breach exposes information of 36 million Mexicans, but no sensitive accounts are at risk, the government says.
bit.ly
February 4, 2026 at 9:57 PM
Big Breach or Smooth Sailing? Mexican Gov't Faces Leak Allegations: https://bit.ly/4awohIp by Rob Lemos #DRGlobal
Google Looker Bugs Allow Cross-Tenant RCE, Data Exfil: https://bit.ly/4cb7Y55 by Nate Nelson
Google Looker Bugs Allow Cross-Tenant RCE, Data Exfil
Attackers could even have used one vulnerable Lookout user to gain access to other Google Cloud tenants' environments.
bit.ly
February 4, 2026 at 9:32 PM
Google Looker Bugs Allow Cross-Tenant RCE, Data Exfil: https://bit.ly/4cb7Y55 by Nate Nelson
Latest on @darkreading.bsky.social
#DRTechnology: AI May Supplant Pen Testers, But Oversight & Trust Is Not There Yet https://zpr.io/S6WG9cS8Yc2R #darkreading #cybersecurity
#DRTechnology: AI May Supplant Pen Testers, But Oversight & Trust Is Not There Yet https://zpr.io/S6WG9cS8Yc2R #darkreading #cybersecurity
AI May Supplant Pen Testers, But Oversight & Trust Is Not There Yet
Crowd-sourced bug bounties and pentesting firms see AI agents stealing the low-hanging vulnerabilities from their human counterparts, but oversight remains key.
zpr.io
February 4, 2026 at 1:03 PM
Latest on @darkreading.bsky.social
#DRTechnology: AI May Supplant Pen Testers, But Oversight & Trust Is Not There Yet https://zpr.io/S6WG9cS8Yc2R #darkreading #cybersecurity
#DRTechnology: AI May Supplant Pen Testers, But Oversight & Trust Is Not There Yet https://zpr.io/S6WG9cS8Yc2R #darkreading #cybersecurity
Latest on @darkreading.bsky.social DR Technology: AI May Supplant Pen Testers, But Oversight & Trust Is Not There Yet https://zpr.io/S6WG9cS8Yc2R #DRTechnology #darkreading #cybersecurity
AI May Supplant Pen Testers, But Oversight & Trust Is Not There Yet
Crowd-sourced bug bounties and pentesting firms see AI agents stealing the low-hanging vulnerabilities from their human counterparts, but oversight remains key.
zpr.io
February 4, 2026 at 1:02 PM
Latest on @darkreading.bsky.social DR Technology: AI May Supplant Pen Testers, But Oversight & Trust Is Not There Yet https://zpr.io/S6WG9cS8Yc2R #DRTechnology #darkreading #cybersecurity
Russian Hackers Weaponize Microsoft Office Bug in Just 3 Days: https://bit.ly/3NXMqPm by Jai Vijayan
Russian Hackers Weaponize Microsoft Office Bug in Just 3 Days
APT28's attacks use specially crafted Microsoft Rich Text Format (RTF) documents to kick off a multistage infection chain to deliver malicious payloads.
bit.ly
February 3, 2026 at 10:58 PM
Russian Hackers Weaponize Microsoft Office Bug in Just 3 Days: https://bit.ly/3NXMqPm by Jai Vijayan
GlassWorm Malware Returns to Shatter Developer Ecosystems: https://bit.ly/4thk56I by Alexander Culafi
GlassWorm Returns to Shatter Developer Ecosystems
The self-replicating malware has poisoned a fresh set of Open VSX software components, leaving potential downstream victims with infostealer infections.
bit.ly
February 3, 2026 at 10:48 PM
GlassWorm Malware Returns to Shatter Developer Ecosystems: https://bit.ly/4thk56I by Alexander Culafi
2026: The Year Agentic AI Becomes the Attack-Surface Poster Child: https://bit.ly/4qgJ0Vg by Tara Seals
February 3, 2026 at 8:30 PM
2026: The Year Agentic AI Becomes the Attack-Surface Poster Child: https://bit.ly/4qgJ0Vg by Tara Seals
Attackers Harvest Dropbox Logins Via Fake PDF Lures: https://bit.ly/4qbMdFP by Alexander Culafi
Attackers Harvest Dropbox Logins Via Fake PDF Lures
A malware-free phishing campaign targets corporate inboxes and asks employees to view "request orders," ultimately leading to Dropbox credential theft.
bit.ly
February 3, 2026 at 8:18 PM
Attackers Harvest Dropbox Logins Via Fake PDF Lures: https://bit.ly/4qbMdFP by Alexander Culafi
8-Minute Access: AI Accelerates Breach of AWS Environment: https://bit.ly/4rw9ovv by Elizabeth Montalbano
8-Minute Access: AI Accelerates Breach of AWS Environment
The AI-assisted attack, which started with exposed credentials from public S3 buckets, rapidly achieved administrative privilges.
bit.ly
February 3, 2026 at 8:17 PM
8-Minute Access: AI Accelerates Breach of AWS Environment: https://bit.ly/4rw9ovv by Elizabeth Montalbano
Latest on @darkreading.bsky.social
#DRTheEdge: Dark Patterns Undermine Security One Click at a Time https://zpr.io/WUhwJn6GRXhT #darkreading #cybersecurity
#DRTheEdge: Dark Patterns Undermine Security One Click at a Time https://zpr.io/WUhwJn6GRXhT #darkreading #cybersecurity
Dark Patterns Undermine Security One Click at a Time
People trust organizations to do the right thing, but websites’ and apps’ dark patterns pose a hidden threat that can lead to inadequate security behaviors.
zpr.io
February 3, 2026 at 4:58 PM
Latest on @darkreading.bsky.social
#DRTheEdge: Dark Patterns Undermine Security One Click at a Time https://zpr.io/WUhwJn6GRXhT #darkreading #cybersecurity
#DRTheEdge: Dark Patterns Undermine Security One Click at a Time https://zpr.io/WUhwJn6GRXhT #darkreading #cybersecurity
County Pays $600K to Wrongfully Jailed Pen Testers: https://bit.ly/4qYVX7x by Nate Nelson
County Pays $600K to Wrongfully Jailed Pen Testers
Iowa police arrested two penetration testers in 2019 for doing their jobs, highlighting the risk to security professionals in red teaming exercises.
bit.ly
February 2, 2026 at 10:22 PM
County Pays $600K to Wrongfully Jailed Pen Testers: https://bit.ly/4qYVX7x by Nate Nelson
Chinese Hackers Hijack Notepad++ Updates for 6 Months: https://bit.ly/4ryoO2p by Jai Vijayan
Chinese Hackers Hijack Notepad++ Updates for 6 Months
State-sponsored threat actors compromised the popular code editor's hosting provider to redirect targeted users to malicious downloads.
bit.ly
February 2, 2026 at 10:21 PM
Chinese Hackers Hijack Notepad++ Updates for 6 Months: https://bit.ly/4ryoO2p by Jai Vijayan
ShinyHunters Expands Scope of SaaS Extortion Attacks: https://bit.ly/4kgv0JN by Elizabeth Montalbano
ShinyHunters Expands Scope of SaaS Extortion Attacks
Following its Salesforce attacks last year, the cybercrime group has broadened its targeting and gotten more aggressive with extortion tactics.
bit.ly
February 2, 2026 at 7:29 PM
ShinyHunters Expands Scope of SaaS Extortion Attacks: https://bit.ly/4kgv0JN by Elizabeth Montalbano
Out-of-the-Box Expectations for 2026 Reveal a Grab Bag of Risk: https://bit.ly/3ZKkuB0 by Tara Seals
Novel Cyber Expectations for 2026 Reveal a Grab Bag of Risk
Security teams need to be thinking about this list of emerging cybersecurity realities to avoid rolling the dice on enterprise risks (and opportunities).
bit.ly
February 2, 2026 at 7:26 PM
Out-of-the-Box Expectations for 2026 Reveal a Grab Bag of Risk: https://bit.ly/3ZKkuB0 by Tara Seals
Latest on @darkreading.bsky.social
#DRTechnology: Torq Moves SOCs Beyond SOAR With AI-Powered Hyper Automation https://zpr.io/h7kZ8DekpN5j #darkreading #cybersecurity
#DRTechnology: Torq Moves SOCs Beyond SOAR With AI-Powered Hyper Automation https://zpr.io/h7kZ8DekpN5j #darkreading #cybersecurity
Torq Moves SOCs Beyond SOAR With AI-Powered Hyper Automation
Investors poured $140 million into Torq's Series D Round, bringing the startup's valuation to $1.2 billion, to bring AI-based "hyper automation" to SOCs.
zpr.io
January 31, 2026 at 5:35 PM
Latest on @darkreading.bsky.social
#DRTechnology: Torq Moves SOCs Beyond SOAR With AI-Powered Hyper Automation https://zpr.io/h7kZ8DekpN5j #darkreading #cybersecurity
#DRTechnology: Torq Moves SOCs Beyond SOAR With AI-Powered Hyper Automation https://zpr.io/h7kZ8DekpN5j #darkreading #cybersecurity
Latest on @darkreading.bsky.social DR Technology: Torq Moves SOCs Beyond SOAR With AI-Powered Hyper Automation https://zpr.io/h7kZ8DekpN5j #DRTechnology #darkreading #cybersecurity
Torq Moves SOCs Beyond SOAR With AI-Powered Hyper Automation
Investors poured $140 million into Torq's Series D Round, bringing the startup's valuation to $1.2 billion, to bring AI-based "hyper automation" to SOCs.
zpr.io
January 31, 2026 at 5:34 PM
Latest on @darkreading.bsky.social DR Technology: Torq Moves SOCs Beyond SOAR With AI-Powered Hyper Automation https://zpr.io/h7kZ8DekpN5j #DRTechnology #darkreading #cybersecurity