· 26 days ago· Dark Reading
How AI Coding Tools Crushed the Endpoint Security Fortress
Security vendors have spent years building up defenses around the endpoint, but one researcher says AI coding tools have brought the walls down.
Topic
#security
315 articles found
· 26 days ago· The Hacker News
Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner
An ongoing phishing campaign is targeting French-speaking corporate environments with fake resumes that lead to the deployment of cryptocurrency miners and information stealers. "The campaign uses highly obfuscated VBScript files disguised as resume/CV documents, delivered through phishing emails,"
· 26 days ago· Dark Reading
Checkmarx KICS Code Scanner Targeted in Widening Supply Chain Hit
TeamPCP is the likely cyber threat actor behind attacks on Trivy, Checkmarx's KICS and VS Code plug-ins, and the LiteLLM AI library — and all signs point to more attacks to come.
· 26 days ago· The Hacker News
5 Learnings from the First-Ever Gartner Market Guide for Guardian Agents
On February 25, 2026, Gartner published its inaugural Market Guide for Guardian Agents, marking an important milestone for this emerging category. For those unfamiliar with the various Gartner report types, “a Market Guide defines a market and explains what clients can expect it to do in the short t
· 26 days ago· Dark Reading
Iran Hacktivists Make Noise but Have Little Impact on War
Iran-aligned groups are trying to make their mark in the Gulf, but the results have fallen short of remarkable.
· 26 days ago· The Hacker News
Tax Search Ads Deliver ScreenConnect Malware Using Huawei Driver to Disable EDR
A large-scale malvertising campaign active since January 2026 has been observed targeting U.S.-based individuals searching for tax-related documents to serve rogue installers for ConnectWise ScreenConnect that drop a tool named HwAudKiller to blind security programs using the bring your own vulnerab
· 26 days ago· The Hacker News
TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 via Trivy CI/CD Compromise
TeamPCP, the threat actor behind the recent compromises of Trivy and KICS, has now compromised a popular Python package named litellm, pushing two malicious versions containing a credential harvester, a Kubernetes lateral movement toolkit, and a persistent backdoor. Multiple security vendors, includ
· 26 days ago· The Hacker News
FCC Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns
The U.S. Federal Communications Commission (FCC) said on Monday that it was banning the import of new, foreign-made consumer routers, citing "unacceptable" risks to cyber and national security. The action was designed to safeguard Americans and the underlying communications networks the country reli
· 27 days ago· Dark Reading
AI Dominates RSAC Innovation Sandbox
The 10 finalists will each have three minutes to make their case for being the most innovative, promising young security company of the year.
_Wavebreakmedia_Ltd_IFE-210813_Alamy.png%3Fwidth%3D1280%26auto%3Dwebp%26quality%3D80%26disable%3Dupscale&w=3840&q=75)
· 27 days ago· Dark Reading
Attackers Hide Infostealer in Copyright Infringement Notices
A phishing campaign targeting healthcare, government, hospitality, and education sectors in various countries uses several evasion techniques to avoid detection.
· 27 days ago· Dark Reading
CISOs Debate Human Role in AI-Powered Security
The idea of a "human in the loop" in AI deployment was challenged during a security executive panel at the RSAC 2026 Conference this week.
· 27 days ago· The Hacker News
We Found Eight Attack Vectors Inside AWS Bedrock. Here's What Attackers Can Do with Them
AWS Bedrock is Amazon's platform for building AI-powered applications. It gives developers access to foundation models and the tools to connect those models directly to enterprise data and systems. That connectivity is what makes it powerful – but it’s also what makes Bedrock a target. When an AI ag
· 27 days ago· Dark Reading
Ransomware's New Era: Moving at AI Speed
Threat actors bypass security tools and use AI to launch faster ransomware attacks that exploit valid credentials and target data
· 27 days ago· The Hacker News
⚡ Weekly Recap: CI/CD Backdoor, FBI Buys Location Data, WhatsApp Ditches Numbers & More
Another week, another reminder that the internet is still a mess. Systems people thought were secure are being broken in simple ways, showing many still ignore basic advisories. This edition covers a mix of issues: supply chain attacks hitting CI/CD setups, long-abused IoT devices being shut down, a
· 27 days ago· Dark Reading
Trivy Supply Chain Attack Targets CI/CD Secrets
A threat actor used the open source security tool to deploy an infostealer into CI/CD workflows and steal cloud credentials, SSH keys, tokens, and other sensitive secrets.
· 27 days ago· The Hacker News
North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware
The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware family tracked as StoatWaffle that's distributed via malicious Microsoft Visual Studio Code (VS Code) projects. The use of VS Code "tasks.json" to distribute malware
· 27 days ago· Dark Reading
AI in the SOC: What Could Go Wrong?
Two cybersecurity leaders tested out AI in their respective SOCs for six months — and here's what they learned.
· 27 days ago· The Hacker News
Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks
Citrix has released security updates to address two vulnerabilities in NetScaler ADC and NetScaler Gateway, including a critical flaw that could be exploited to leak sensitive data from the application. The vulnerabilities are listed below - CVE-2026-3055 (CVSS score: 9.3) - Insufficient input valid
· 27 days ago· The Hacker News
U.S. Sentences Russian Hacker to 6.75 Years for Role in $9M Ransomware Damage
A 26-year-old Russian citizen has been sentenced in the U.S. to 6.75 years (81 months) in prison for his role in assisting major cybercrime groups, including the Yanluowang ransomware crew, in conducting numerous attacks against U.S. companies and other organizations. According to the U.S. Departmen
· 27 days ago· Krebs on Security
‘CanisterWorm’ Springs Wiper Attack Targeting Iran
A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran's time zone or have Farsi set as the default language.