Dark Reading

Glasswing Secured the Code. The Rest of Your Stack Is Still on You

Forgotten integrations, shadow IT, SaaS, and now shadow AI and agents are everywhere, and attackers don't need sophisticated ...

New Mirai campaign exploits RCE flaw in EoL D-Link routers

A new Mirai-based malware campaign is actively exploiting CVE-2025-29635, a high-severity command-injection vulnerability ...
Security Boulevard

Vercel Breach: How a Roblox Cheat Download Led to a $2M Data Heist Through AI Tool OAuth Abuse

Vercel breached after attacker compromised Context.ai, hijacked an employee's Google Workspace via OAuth, and accessed ...
Security Boulevard

The Invisible Threat: Business Logic Flaws in Modern Applications and Why Scanners Miss Them

In today's security landscape, some of the most dangerous vulnerabilities aren't flagged by automated scanners at all. These ...

Vercel breach exposes the OAuth gap most security teams cannot detect, scope or contain

A Vercel employee's AI tool OAuth grant gave attackers access to internal systems via a four-hop kill chain. Here's what ...
GovInfoSecurity

Breach Roundup: Myanmar Scam Compound Managers Charged

This week, scam compounds. Attackers exploit flaws pre-disclosure. A crackdown on DDoS-for-hire. No Mythos for CISA, yes for ...
Dark Reading

Vercel Employee's AI Tool Access Led to Data Breach

Stolen OAuth tokens, which are at the root of these breaches, "are the new attack surface, the new lateral movement," a ...

New AgingFly malware used in attacks on Ukraine govt, hospitals

A new malware family named 'AgingFly' has been identified in attacks against local governments and hospitals that steal ...
HealthcareInfoSecurityOpinion

Beyond Mythos: A Defining Moment for Cybersecurity

The introduction of Anthropic's Mythos model signals a shift in the cybersecurity industry - one not yet fully understood, ...
The Financial ExpressOpinion

From assistants to adversaries

The answer lies in the movement from the artisanal to the industrial. A human attacker, no matter how gifted, is a ...
Rappler

SSS scam in PH traced to politically-connected Cambodian scam compound

The call came at a perfect time because Albert needed a payment reference number (PRN) from his SSS (social security service) but he was having a challenging time logging on to his app. The caller ...