California may let Linux bypass age check
Exemption in amendment offers relief to open source software makers
Security & Lifecycle News
Aggregated from vendor advisories, security research, and industry publications.
KnowledgeDeliver flaw exploited as a zero-day to install web shells
Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell. [...]
Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos
In just six hours, the campaign quietly pushed thousands of malicious commits to more than 5,500 GitHub repositories, stealing credentials, developer secrets, and more.
Charter confirms data breach after ShinyHunters extortion threat
U.S. telecommunications giant Charter Communications has confirmed it suffered a data breach after the ShinyHunters extortion group threatened to leak stolen data unless a ransom i…
_Gang_Liu_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
State Cyber Leaders Push Congress for More Funding, Support
A recent congressional hearing highlighted how states are reeling from federal cutbacks to important cybergrants and information-sharing initiatives amid damaging attacks to critic…
Shai-Hulud Hackers TeamPCP: Lucky or Skilled?
TeamPCP, the cybercrime group behind later waves of the Shai-Hulud worm, has done significant damage to the open source ecosystem. But it's not necessarily due to skill alone.
For Enterprises, Security Remains Agentic AI's Biggest Challenge
Every company needs an agentic AI strategy, but the tools to allow agentic AI frameworks be safely and securely adopted are just starting to appear.
Microsoft Issues Out-of-Band SharePoint Patch
SharePoint often gives access to the keys of the kingdom, something attackers and defenders understand all too well.
MyPillow must decide whether to be firm or soft as ransomware crims demand pay
Guess they could deny the alleged intrusion … like the 2020 election results
PP111: New HPE Mist Features Validate NAC Changes, Enable Inline Microsegmentation (Sponsored)
HPE has announced new features in its Juniper Mist portfolio. On today’s sponsored Packet Protector, we dig into those features, including a dry run option that lets organizations …
HS133: Approaching Zero…Trust (Sponsored)
Most enterprises have some kind of zero trust strategy, but a lot of them could be better described as good intentions rather than active programs being implemented. Making good on…
MySQL faithful launch OurSQL Foundation to keep Oracle honest
Community group wants transparency, collaboration, and a clearer roadmap for the open source database
HW080: WLAN Pros’ Wi-Fi Troubleshooting Course
The tool does not troubleshoot your network, you troubleshoot your network and the tool just shows you what’s there. If you don’t have a method, it doesn’t matter how many tools yo…
Bezos rocket fell short after cryogenic leak cut engine thrust
Frozen hydraulic line blamed for leaving payload in the wrong orbit
Cisco redefines ‘job-ready’ for network engineers with its certification overhaul
Cisco is revamping its flagship Cisco Certified Network Associate (CCNA) certification for the first time in seven years, adding a new AI literacy pillar, more hands-on lab require…
Microsoft wants safer C# without turning it into Rust
Unsafe bits get a warning label in planned low-level coding shake-up
Starship shows it can deploy satellites, but Moon mission clock still ticks
What's a tumbling Super Heavy and a skipped Raptor relight between friends?
MuddyWater Uses DLL Side-Loading in Espionage Campaign Targeting 9 Countries
The Iranian hacking group known as MuddyWater has been linked to a new campaign affecting at least nine organizations across nine countries on four continents in the first quarter …
Huawei's chip law looks less like Moore and more like marketing
Chinese tech biz shows off clever workaround for its process node gap, but it isn't catching up with Intel and TSMC
Identifying People Using Wi-Fi Routers
Not identifying people based on their use of Wi-Fi routers, but identifying people using Wi-Fi signals. This is accomplished through what is known as WiFi sensing, or the use of Wi…
NB576: IBM Gets Big Bucks to Build Quantum Chip Fab; AT&T Sues to Hang Up on Copper Phone Lines
Take a Network Break! We sound the alarm about a critical vulnerability in an on-prem Azure stack. On the news side, AI NetOps startup Selector adds public cloud observability to i…
How Varonis Atlas integrates Claude Compliance API for AI governance
AI governance requires visibility into how AI tools interact with enterprise data. Varonis explains how its Atlas platform uses Claude Compliance API data to help monitor usage, in…
AppOmni’s Marlin AI Brings Autonomous Investigation to SaaS Security
Marlin AI automatically analyzes SaaS misconfigurations, investigates related activity across enterprise environments, and recommends remediation steps — while stopping short of fu…
Rogue states are putting AI agents to work on sanctions evasion
RUSI warns fake IDs, shell companies, and crypto laundering could soon operate at industrial scale
Iranian APT Targets Aviation, Software Companies With Updated Tools
Nimbus Manticore has continued its operations during and after the US military campaign against Iran. The post Iranian APT Targets Aviation, Software Companies With Updated Tools a…
Gothenburg's self-driving bus trammed on day one
Autonomous shuttle's second passenger trip ends with rear-end collision and a tow truck
Microsoft Defender can now automatically isolate hacked endpoints
Microsoft is testing a new Defender for Endpoint capability that will automatically isolate compromised endpoints to thwart attackers' attempts to move laterally across the network…
Webinar: Too many tools are slowing network incident response
IT teams often need to jump between monitoring dashboards, infrastructure tools, ticketing systems, and communication platforms during network incidents. This webinar explores how …
Experts pour cold borscht on Farage's Russian hack claim
Reform UK leader alleges Moscow broke into his phone and leaked £5M gift story, but security specialists await evidence
Remembering Tim Wilson, Whose Legacy Lives on at Dark Reading
The co-founder and former editor-in-chief passed away five years ago in November. As Dark Reading enters its third decade, we pause to celebrate and honor Wilson's instrumental rol…