Dark Reading

Dark Reading RSS feeds

Public RSS feed

Is the FCC's Router Ban the Wrong Fix?

The agency put foreign-made consumer routers on its list of prohibited communications devices, but the ban could create more problems down the road.
Automotive Cybersecurity Threats Grow in Era of Connected, Autonomous Vehicles

More than a decade since the 2015 Jeep hack, the cybersecurity of vehicles remains of the utmost importance.
Critical Flaw in Langflow AI Platform Under Attack

Threats actors pounced on the code injection vulnerability within hours of its disclosure, demonstrating that organizations have little time to address critical bugs.
How Organizations Can Use Blunders to Level Up Their Security Programs

Organizations repeatedly expose ports, reuse passwords, and skip patches, creating security gaps that attackers exploit for breaches. An industry veteran outlines ways to fix these common mistakes.
AI-Powered Dependency Decisions Introduce, Ignore Security Bugs

AI models often hallucinate or make costly mistakes when tasked with recommending software versions, upgrade paths, and security fixes — leading to significant technical debt.

Breaking News

The Hacker News

Most trusted, widely-read independent cybersecurity news source for everyone; supported by hackers and IT professionals — Send TIPs to admin@thehackernews.com

China-Linked Red Menshen Uses Stealthy BPFDoor Implants to Spy via Telecom Networks
A long-term and ongoing campaign attributed to a China-nexus threat actor has embedded itself in telecom networks to conduct espionage against government networks. The strategic positioning activity, which involves implanting and maintaining stealthy access mechanisms within critical environments, has been attributed to Red Menshen, a threat cluster that's also tracked as Earth Bluecrow,
[Webinar] Stop Guessing. Learn to Validate Your Defenses Against Real Attacks
Most teams have security tools in place. Alerts are firing, dashboards look clean, threat intel is flowing in. On the surface, everything feels under control. But one question usually stays unanswered: Would your defenses actually stop a real attack? That’s where things get shaky. A control exists, so it’s assumed to work. A detection rule is active, so it’s expected to catch something. But very
Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website
Cybersecurity researchers have disclosed a vulnerability in Anthropic's Claude Google Chrome Extension that could have been exploited to trigger malicious prompts simply by visiting a web page. The flaw "allowed any website to silently inject prompts into that assistant as if the user wrote them," Koi Security researcher Oren Yomtov said in a report shared with The Hacker News. "No clicks, no

Dark Reading

Is the FCC's Router Ban the Wrong Fix?

Automotive Cybersecurity Threats Grow in Era of Connected, Autonomous Vehicles

Critical Flaw in Langflow AI Platform Under Attack

How Organizations Can Use Blunders to Level Up Their Security Programs

AI-Powered Dependency Decisions Introduce, Ignore Security Bugs