All Episodes

Hundreds of Malicious Packages Force RubyGems to Suspend Registrations

Chipmaker Patch Tuesday: Intel and AMD Patch 70 Vulnerabilities

Fortinet, Ivanti Patch Critical Vulnerabilities

Microsoft Patches Critical Zero-Click Outlook Vulnerability Threatening Enterprises

716,000 Impacted by OpenLoop Health Data Breach

Government to Scrutinize Instructure Over Canvas Disruption, Data Breach

Webinar Today: ROI for Cyber-Physical Security Programs

GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data

Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws

Most Remediation Programs Never Confirm the Fix Actually Worked

[Webinar] Why Your AppSec Tools Miss the "Lethal Path" (and How to Fix It)

Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation

Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday

China's 'FamousSparrow' APT Nests in South Caucasus Energy Firm

LatAm Vibe Hackers Generate Custom Hacking Tools on the Fly

TanStack, Mistral AI, UiPath Hit in Fresh Supply Chain Attack

Is the SOC Obsolete, and We Just Haven’t Admitted It Yet?

Claude Mythos Finds Only One Curl Vulnerability; Experts Divided on What It Really Means

SAP Patches Critical S/4HANA, Commerce Vulnerabilities

Apple Patches Dozens of Vulnerabilities in macOS, iOS

West Pharmaceutical Services Hit by Disruptive Ransomware Attack

Deal Reached With Hackers to Delete Data Stolen From the Canvas Educational Platform

Free OnlyFans Lure Used to Spread Cross-Platform CRPx0 Malware

Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak

Why Agentic AI Is Security's Next Blind Spot

Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages

Webinar: What the Riskiest SOC Alerts Go Unanswered - and How Radiant Security Can Help

New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots

20 Leaders Who Built the CISO Era: 2 Decades of Change

Resurrected ‘Crimenetwork’ Marketplace Taken Down, Administrator Arrested

New ‘Dirty Frag’ Linux Vulnerability Possibly Exploited in Attacks

Canvas System Is Online After a Cyberattack Disrupted Thousands of Schools

Checkmarx Jenkins AST Plugin Compromised in Supply Chain Attack

SailPoint Discloses GitHub Repository Hack

Cloudflare Lays Off 1,100 Employees in AI-Driven Restructuring

Skoda Data Breach Hits Online Shop Customers

Google Detects First AI-Generated Zero-Day Exploit

Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads

Your Purple Team Isn't Purple — It's Just Red and Blue in the Same Room

⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More

Cyber Espionage Group Targets Aviation Firms to Steal Map Data

Hackers Use AI for Exploit Development, Attack Automation

Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak

cPanel, WHM Release Fixes for Three New Vulnerabilities — Patch Now

Ransomware Group Takes Credit for Trellix Hack

‘PCPJack’ Worm Removes TeamPCP Infections, Steals Credentials

Cyberattack Hits Canvas System Used by Thousands of Schools as Finals Loom

AI Firm Braintrust Prompts API Key Rotation After Data Breach

Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants

New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentials

One Missed Threat Per Week: What 25M Alerts Reveal About Low-Severity Risk

Quasar Linux RAT Steals Developer Credentials for Software Supply Chain Compromise

WhatsApp Discloses File Spoofing, Arbitrary URL Scheme Vulnerabilities

MetInfo, Weaver E-cology Vulnerabilities in Attackers’ Crosshairs

Karakurt Ransomware Negotiator Sentenced to Prison

Critical, High-Severity Vulnerabilities Patched in Apache MINA, HTTP Server

Critical Remote Code Execution Vulnerability Patched in Android

Critical Bug Could Expose 300,000 Ollama Deployments to Information Theft

Hacker Conversations: Joey Melo on Hacking AI

Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API

ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows

We Scanned 1 Million Exposed AI Services. Here's How Bad the Security Actually Is

MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks

The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed

How the Story of a USB Penetration Test Went Viral

Edtech Firm Instructure Discloses Data Breach Amid Hacker Leak Threats

Over 40,000 Servers Compromised in Ongoing cPanel Exploitation

OpenAI Rolls Out Advanced Security for ChatGPT Accounts

Exploitation of ‘Copy Fail’ Linux Vulnerability Begins

DigiCert Revokes Certificates After Support Portal Hack

Cybersecurity M&A Roundup: 33 Deals Announced in April 2026

Trellix Source Code Repository Breached

Cisco Moves to Acquire Astrix Security to Tackle Non-Human Identity Risks

Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks

Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia

2026: The Year of AI-Assisted Attacks

⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More

Progress Patches Critical MOVEit Automation Bug Enabling Authentication Bypass

Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools

How Dark Reading Lifted Off the Launchpad in 2006

Silver Fox Springs Tax-Themed Attacks on Orgs in India, Russia

Exploit Cyber-Frenzy Threatens Millions via Critical cPanel Vulnerability

US Military Reaches Deals With 7 Tech Companies to Use Their AI on Classified Systems

New Bluekit Phishing Kit Features AI Assistant

1,800 Hit in Mini Shai-Hulud Attack on SAP, Lightning, Intercom

FBI Warns of Surge in Hacker-Enabled Cargo Theft

Hugging Face, ClawHub Abused for Malware Distribution

Cisco Releases Open Source Tool for AI Model Provenance

Sophisticated Deep#Door Backdoor Enables Espionage, Disruption

Two US Security Experts Sentenced to Prison for Helping Ransomware Gang

Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft

Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware Attacks

Top Five Sales Challenges Costing MSPs Cybersecurity Revenue

20 Years in Cyber: Dark Reading Marks Milestone With Month of Special Coverage

Name That Toon: Mark of (Security) Progress

Sandhills Medical Says Ransomware Breach Affects 170,000

‘Copy Fail’ Logic Flaw in Linux Kernel Enables System Takeover

Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months

EnOcean SmartServer Flaws Expose Buildings to Remote Hacking

Critical Gemini CLI Flaw Enabled Host Code Execution, Supply Chain Attacks

Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution

New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials

Oracle Red Bull Racing Team Revs Up Automation to Boost Security

Chrome 147, Firefox 150 Security Updates Rolling Out

38 Vulnerabilities Found in OpenEMR Medical Software

Iranian Cyber Group Handala Targets US Troops in Bahrain

Checkmarx Confirms Data Stolen in Supply Chain Attack

Hundreds of Internet-Facing VNC Servers Expose ICS/OT

Fresh LiteLLM Vulnerability Exploited Shortly After Disclosure

CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV

Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately

What to Look for in an Exposure Management Platform (And What Most of Them Get Wrong)

Webinar: How to Automate Exposure Validation to Match the Speed of AI Attacks

Lotus Wiper Attack Targets Venezuelan Energy Firms, Utilities

Alleged Chinese State Hacker Extradited to US

VECT 2.0 Ransomware Irreversibly Destroys Files Over 131KB on Windows, Linux, ESXi

Spectrum Security Emerges From Stealth Mode With $19 Million

Germany Suspects Russia Is Behind Signal Phishing That Targeted Top Officials

No Patch for New PhantomRPC Privilege Escalation Technique in Windows

Electric Motorcycles and Scooters Face Hacking Risks to Security and Rider Safety

Sevii Launches Cyber Swarm Defense to Make Agentic AI Security Costs Predictable

Dozens of Open VSX Extension Clones Linked to GlassWorm Malware

Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research Cyberattacks

After Mythos: New Playbooks For a Zero-Window Era

Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE

Why Secure Data Movement Is the Zero Trust Bottleneck Nobody Talks About

Firefox Vulnerability Allows Tor User Fingerprinting

US Launches Sweeping Crackdown on Southeast Asia Cyberscams and Sanctions Cambodian Senator

Easily Exploitable ‘Pack2TheRoot’ Linux Vulnerability Leads to Root Access

UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware

Energy and Water Management Firm Itron Hacked

Malicious AI Prompt Injection Attacks Increasing, but Sophistication Still Low: Google

OpenSSH Flaw Allowing Full Root Shell Access Lurked for 15 Years

Incomplete Windows Patch Opens Door to Zero-Click Attacks

Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware

PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks

Mythos Changed the Math on Vulnerability Discovery. Most Teams Aren't Ready for the Remediation Side

⚡ Weekly Recap: Fast16 Malware, XChat Launch, Federal Backdoor, AI Employee Tracking & More

Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack

Parsing Agentic Offensive Security's Existential Threat

20-Year-Old Malware Rewrites History of Cyber Sabotage

Unpatched 'PhantomRPC' Flaw in Windows Enables Privilege Escalation

Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments

Ransomware Hits Automotive Data Expert Autovista

Cisco Patches Critical Vulnerabilities in Webex, ISE

NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software

Microsoft Paid Out $2.3 Million at Zero Day Quest 2026 Hacking Contest

Splunk Enterprise Update Patches Code Execution Vulnerability

Artemis Emerges From Stealth With $70 Million in Funding

Data Breach at Tennessee Hospital Affects 337,000

Hidden Passenger? How Taboola Routes Logged-In Banking Sessions to Temu

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks

Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution

[Webinar] Find and Eliminate Orphaned Non-Human Identities in Your Environment

ICS Patch Tuesday: 8 Industrial Giants Publish New Security Advisories

Fortinet Patches Critical FortiSandbox Vulnerabilities

Trump Urges Extending Foreign Surveillance Program as Some Lawmakers Push for US Privacy Protections

$10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks

Two Vulnerabilities Patched in Ivanti Neurons for ITSM

Mirax RAT Targeting Android Users in Europe

Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities

Microsoft, Salesforce Patch AI Agent Data Leak Flaws

Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities

Nightclub Giant RCI Hospitality Reports Data Breach

Google Adds Rust DNS Parser to Pixel Phones for Better Security

Triad Nexus Evades Sanctions to Fuel Cybercrime

SAP Patches Critical ABAP Vulnerability

Europe’s Largest Gym Chain Says Data Breach Impacts 1 Million Members

108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users

Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)

Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads

Gmail Brings End-to-End Encryption to Android and iOS for Enterprise Users

Fake Claude Website Distributes PlugX RAT

CPUID Hacked to Serve Trojanized CPU-Z and HWMonitor Downloads

International Operation Targets Multimillion-Dollar Crypto Theft Schemes

OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack

North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware

Your MTTD Looks Great. Your Post-Alert Gap Doesn't

Your Next Breach Will Look Like Business as Usual

Hims Breach Exposes the Most Sensitive Kinds of PHI

Microsoft Finds Vulnerability Exposing Millions of Android Crypto Wallet Users

Google Rolls Out Cookie Theft Protections in Chrome

Critical Marimo Flaw Exploited Hours After Public Disclosure

MITRE Releases Fight Fraud Framework

Chrome 147 Patches 60 Vulnerabilities, Including Two Critical Flaws Worth $86,000

Orthanc DICOM Vulnerabilities Lead to Crashes, RCE

Industry Reactions to Iran Hacking ICS in Critical Infrastructure: Feedback Friday

Juniper Networks Patches Dozens of Junos OS Vulnerabilities

In Other News: Cyberattack Stings Stryker, Windows Zero-Day, China Supercomputer Hack

Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure

Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows

Browser Extensions Are the New AI Consumption Channel That No One Is Talking About

GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs

Can Anthropic Keep Its Exploit-Writing AI Out of the Wrong Hands?

Industrial Controllers Still Vulnerable As Conflicts Move to Cyber

Orange Business Reimagines Enterprise Voice Communications With Trust and AI

FINRA Launches Financial Intelligence Fusion Center to Combat Cybersecurity and Fraud Threats

300,000 People Impacted by Eurail Data Breach

Adobe Reader Zero-Day Exploited for Months: Researcher

Google Warns of New Campaign Targeting BPOs to Steal Corporate Data

The Hidden ROI of Visibility: Better Decisions, Better Behavior, Better Security

Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities

Google API Keys in Android Apps Expose Gemini Endpoints to Unauthorized Access

Can we Trust AI? No – But Eventually We Must

Apple Intelligence AI Guardrails Bypassed in New Attack

Bitter-Linked Hack-for-Hire Campaign Targets Journalists Across MENA Region

Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025

The Hidden Security Risks of Shadow AI in Enterprises

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

Iran-Linked Hackers Disrupt US Critical Infrastructure via PLC Attacks

US Disrupts Russian Espionage Operation Involving Hacked Routers and DNS Hijacking

Hackers Targeting Ninja Forms Vulnerability That Exposes WordPress Sites to Takeover

Evasive Masjesu DDoS Botnet Targets IoT Devices

Massachusetts Hospital Diverts Ambulances as Cyberattack Causes Disruption

FBI: Cybercrime Losses Neared $21 Billion in 2025

RCE Bug Lurked in Apache ActiveMQ Classic for 13 Years

Data Leakage Vulnerability Patched in OpenSSL

Shaky Ceasefire Unlikely to Stop Cyberattacks From Iran-Linked Hackers for Long

Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs

N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust

Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems

Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)

APT28 Deploys PRISMEX Malware in Campaign Targeting Ukraine and NATO Allies

Masjesu Botnet Emerges as DDoS-for-Hire Service Targeting Global IoT Devices

New Chaos Variant Targets Misconfigured Cloud Deployments, Adds SOCKS Proxy

Iranian Threat Actors Disrupt US Critical Infrastructure Via Exposed PLCs

Pluralsight Launches SecureReady to Help Organizations Build Job-Ready Cybersecurity Teams

Niobium Introduces The Fog

Full Sail University to Open IBM Cyber Defense Range Powered by AWS and Cloud Range on Campus

Fraud Rockets Higher in Mobile-First Latin America

AI-Led Remediation Crisis Prompts HackerOne to Pause Bug Bounties

Threat Actors Get Crafty With Emojis to Escape Detection

Russia's Forest Blizzard Nabs Rafts of Logins Via SOHO Routers