Targeted
Threat Intelligence

NightSpire Ransomware Uses RDP Access and Remote Admin Tools for Stealthy Persistence

A new ransomware threat is making waves across dozens of industries and countries, using a surprisingly simple but effective approach to break into systems and ...

GitHub Down – Authentication Issues Denying Access to Actions

GitHub experienced a widespread service disruption on May 26, 2026, after authentication failures prevented developers from accessing critical automation servic...

Hackers Exploit Ghost CMS CVE-2026-26980 to Poison 700 Websites With ClickFix Malware

A critical SQL injection flaw in Ghost CMS has been weaponized by at least two threat actor groups to silently poison over 700 websites with ClickFix malware, p...

Microsoft Defender can now automatically isolate hacked endpoints

Microsoft is testing a new Defender for Endpoint capability that will automatically isolate compromised endpoints to thwart attackers' attempts to move laterall...

Webinar: Too many tools are slowing network incident response

IT teams often need to jump between monitoring dashboards, infrastructure tools, ticketing systems, and communication platforms during network incidents. This w...

CISA Announces Revised Town Hall Schedule to Engage with Stakeholders on Cyber Incident Reporting for Critical Infrastructure

Remembering Tim Wilson, Whose Legacy Lives on at Dark Reading

The co-founder and former editor-in-chief passed away five years ago in November. As Dark Reading enters is third decade, we pause to celebrate and honor Wilson...

185,000 Likely Impacted by 7-Eleven Data Breach

The allegedly stolen information leaked by ShinyHunters contains email addresses, names, addresses, and dates of birth. The post 185,000 Likely Impacted by 7-El...

[THN Webinar] New AI DDoS Attacks Are Smarter. Learn How to Fight Back

Every single day, hackers are finding new ways to crash websites and steal data. But right now, something has changed. Hackers are no longer working alone. The...

New AI DDoS Attacks Are Smarter. Learn How to Fight Back in This Webinar

Every single day, hackers are finding new ways to crash websites and steal data. But right now, something has changed. Hackers are no longer working alone. The...

Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions

Microsoft has rolled out updates to fix a remote code execution vulnerability impacting SharePoint that could be exploited by bad actors in attacks without requ...

Windows Server 2016 Domain Controller May Fail with 15-Character Hostname

Windows administrators are facing a disruptive bug in Windows Server 2016 following Microsoft’s May 12, 2026, security update KB5087537. The update introd...

Anthropic Expands Claude’s Enterprise Security Governance With 28 New Integrations

Notable integrations include CrowdStrike, Palo Alto Networks, Microsoft, Okta, Zscaler, Netskope, Cloudflare, Fortinet, and Wiz. The post Anthropic Expands Clau...

Hackers Use SEO Poisoning to Impersonate Gemini CLI and Claude Code Installers

Hackers are targeting software developers by creating fake installation pages for two popular AI coding tools, Gemini CLI and Claude Code. The attackers are usi...

Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment

Hardcoded machineKey values in a configuration file enabled ViewState deserialization attacks leading to remote code execution. The post Hackers Exploited Knowl...

Watch on Demand: Threat Detection & Incident Response Summit – All Sessions Available

Register to enjoy free access and explore the tools, strategies, and frameworks needed to build a resilient security program for a world where every minute coun...

Critical Memcached SASL Vulnerability Let Attackers Infer Valid Usernames

A newly disclosed security issue in Memcached has raised concerns after developers confirmed a timing side-channel vulnerability in its SASL authentication mech...

Open Source DockSec Uses AI to Cut Through Vulnerability Noise in Docker Images

DockSec, an OWASP incubator project, correlates findings from multiple container security scanners and uses AI to generate plain-English remediation guidance an...

Apache CXF LDAP Injection Vulnerability Let Attacker Retrieve Arbitrary Certificates

A newly disclosed vulnerability in Apache CXF, tracked as CVE-2026-44930, is raising concerns among enterprise users relying on its XKMS (XML Key Management Spe...

ConnectWise Automate Vulnerability Let Attackers Bypass Security Checks

ConnectWise has disclosed a high-impact security vulnerability in its Automate platform that could allow attackers to bypass critical security checks and execut...