Dark Reading

Security threats and vulnerabilities, with government and national-security context.

Iran's MuddyWater Targets Orgs With Fresh Malware as Tensions Mount
News | Feb 23, 2026

Iran‑linked APT MuddyWater has escalated its campaign, dubbed Operation Olalampo, against organizations in the Middle East and Africa. The group continues to rely on spear‑phishing but also began exploiting public‑facing servers, delivering several previously unseen malware strains such as the...

By Dark Reading
Enigma Cipher Device Still Holds Secrets for Cyber Pros
News | Feb 23, 2026

The Enigma cipher machine was originally built in 1918 and later adapted by the Nazis; only a few hundred units survive out of an estimated 35,000‑40,000 produced. Historian‑turned‑cybersecurity expert Marc Sachs will discuss the device’s historic failures at RSAC 2026, highlighting...

By Dark Reading
600+ FortiGate Devices Hacked by AI-Armed Amateur
News | Feb 23, 2026

A financially motivated, Russian‑speaking threat actor used generative AI services to compromise more than 600 Fortinet FortiGate firewalls worldwide between January and February. The campaign avoided exploiting software vulnerabilities, instead leveraging exposed management ports and reused credentials with single‑factor authentication,...

By Dark Reading
Latin America's Cyber Maturity Lags Threat Landscape
News | Feb 20, 2026

Intel 471’s 2025 report shows Latin America’s cyber‑maturity is improving but the region faces a rapidly intensifying threat landscape. Ransomware incidents jumped 78% year‑over‑year, with more than 450 breaches recorded, while Brazil alone accounted for 30% of ransomware and extortion attacks....

By Dark Reading
Emerging Chiplet Designs Spark Fresh Cybersecurity Challenges
News | Feb 19, 2026

Chiplet technology is reshaping semiconductor design by allowing modular, mix‑and‑match silicon components, accelerating AI data‑center and autonomous‑vehicle development. However, the distributed manufacturing model creates new supply‑chain vulnerabilities, as a single compromised chiplet can introduce hardware Trojans that affect entire systems....

By Dark Reading
Supply Chain Attack Secretly Installs OpenClaw for Cline Users
News | Feb 19, 2026

Dark Reading reported that the npm package for Cline version 2.3.0 was compromised, causing it to silently download the OpenClaw tool during an eight‑hour window. The breach stemmed from a prompt‑injection flaw that allowed an attacker to steal release tokens and...

By Dark Reading
Connected and Compromised: When IoT Devices Turn Into Threats
News | Feb 19, 2026

The proliferation of consumer and enterprise IoT devices continues unchecked, yet most lack basic security controls such as passwords and encryption. Research presented by Mattia Epifani at RSAC 2026 shows that devices—from Amazon Echo to smart refrigerators—store unprotected audio, credentials, and personal...

By Dark Reading
More Than 40% of South Africans Were Scammed in 2025
News | Feb 19, 2026

South Africa experienced a staggering 77% scam victimization rate in the 12 months to early 2025, with 42% of adults losing money, averaging $130 per incident. GASA estimates scammers extracted roughly $2.3 billion from over 17.5 million South Africans, equating to about...

By Dark Reading
Singapore & Its 4 Major Telcos Fend Off Chinese Hackers
News | Feb 18, 2026

Singapore’s Cyber Security Agency and the nation’s four major telcos (M1, Simba Telecom, Singtel, StarHub) launched the "Cyber Guardian" operation, expelling the China‑linked threat actor UNC3886 after an 11‑month campaign. The attackers breached critical network segments but did not steal...

By Dark Reading
260K+ Chrome Users Duped by Fake AI Browser Extensions
News | Feb 16, 2026

Researchers at LayerX uncovered 30 malicious Chrome extensions masquerading as AI assistants, collectively amassing over 260,000 downloads. These extensions embed attacker‑controlled iframes that capture user prompts, emails, and webpage data, then relay them to remote servers while returning plausible AI...

By Dark Reading
Zscaler-SquareX Deal Boosts Zero Trust, Secure Browsing Capabilities
News | Feb 13, 2026

Zscaler announced the acquisition of Singapore‑based startup SquareX, adding its Chromium‑based browser extension to the Zero Trust Exchange platform. SquareX’s browser detection and response (BDR) technology provides real‑time threat detection inside browsers on managed and personal devices. The deal, closed...

By Dark Reading
Microsoft Under Pressure to Bolster Defenses for BYOVD Attacks
News | Feb 13, 2026

Microsoft faces mounting pressure as ransomware groups increasingly leverage bring‑your‑own‑vulnerable‑driver (BYOVD) attacks to neutralize endpoint security tools. While Windows has introduced driver signing enforcement and a vulnerable driver blocklist, legacy compatibility rules allow drivers with expired or revoked certificates to...

By Dark Reading
Booz Allen Announces General Availability of Vellox Reverser to Automate Malware Defense
News | Feb 12, 2026

Booz Allen Hamilton has launched the general availability of Vellox Reverser™, an AI‑driven malware reverse‑engineering platform that automates deep analysis at machine speed. The solution leverages a resilient agentic AI architecture, AWS Lambda, Bedrock and Step Functions to ingest samples,...

By Dark Reading
Asia Fumbles With Throttling Back Telnet Traffic in Region
News | Feb 11, 2026

Telnet remains a major security weakness in the Asia‑Pacific, accounting for roughly half of the world’s exposed Telnet endpoints. Global throttling on Jan. 14 cut Telnet sessions by 83% but Asian providers applied inconsistent filters, leaving the region’s traffic relatively high....

By Dark Reading
SolarWinds WHD Attacks Highlight Risks of Exposed Apps
News | Feb 10, 2026

SolarWinds’ Web Help Desk (WHD) platform has become a favored target after numerous organizations unintentionally exposed the service to the public internet. Attackers are scanning for these open instances, exploiting weak or default credentials to infiltrate ticketing systems. Successful breaches...

By Dark Reading
[Virtual Event] Shields Up: Key Technologies Reshaping Cybersecurity Defenses
News | Feb 10, 2026

The virtual event "Shields Up" spotlights emerging technologies reshaping cybersecurity defenses, featuring a slate of on‑demand webinars that explore AI‑driven attack surfaces, ransomware supply‑chain risks, and AI‑powered threat hunting. Complementary white papers dive into admin‑rights removal, least‑privilege strategies, and real‑world...

By Dark Reading
OT Attacks Get Scary With 'Living-Off-the-Plant' Techniques
News | Feb 9, 2026

Operational technology (OT) cyberattacks have so far been limited by attackers' lack of deep process knowledge, but experts warn that a shift toward "living‑off‑the‑plant" techniques could enable more damaging exploits. Recent ransomware spillovers into OT and incidents like the Norway...

By Dark Reading
What Organizations Need to Change When Managing Printers
News | Feb 9, 2026

Jim LaRoe, CEO of Symphion, warns that most enterprises only manage printers for uptime and cost, leaving them unprotected despite comprising 20‑30% of endpoints. He highlights an ownership vacuum, missing budget lines, and reliance on default configurations as core leadership...

By Dark Reading
'Encrypt It Already' Campaign Pushes Big Tech to Prioritize E2E Encryption
News | Feb 6, 2026

The Electronic Frontier Foundation launched the "Encrypt It Already" campaign to pressure large tech firms to deliver on promised end‑to‑end encryption (E2EE) and to enable those features by default. The initiative highlights lagging implementations at companies such as Bluesky, Ring...

By Dark Reading
'Damn Vulnerable' Training Apps Leave Vendors' Clouds Exposed
News | Jan 21, 2026

Security researchers discovered that dozens of publicly exposed, intentionally vulnerable training applications—such as Hackazon, OWASP Juice Shop, DVWA and bWAPP—are being run on real cloud infrastructure. These apps often carry over‑permissioned IAM roles, allowing attackers to harvest temporary credentials and...

By Dark Reading
Mass Spam Attacks Leverage Zendesk Instances
News | Jan 20, 2026

Zendesk reported a wave of mass spam campaigns that exploit its customer‑service platform to send phishing emails. The messages appear to originate from legitimate Zendesk subdomains, tricking recipients into opening malicious links. Zendesk clarified that the campaigns are not linked...

By Dark Reading
More Problems for Fortinet: Critical FortiSIEM Flaw Exploited
News | Jan 16, 2026

Fortinet disclosed a critical OS‑command‑injection flaw in its FortiSIEM platform (CVE‑2025‑64155) on Jan. 13, assigning it a 9.4 CVSS rating. The vulnerability enables unauthenticated remote code execution via crafted TCP requests to the phMonitor service. Within days, security firm Defused reported...

By Dark Reading
AI System Reduces Attack Reconstruction Time From Weeks to Hours
News | Jan 16, 2026

Pacific Northwest National Laboratory unveiled ALOHA, an AI‑driven system that reconstructs cyber attacks in hours instead of weeks. Leveraging Anthropic’s Claude LLM and MITRE’s Caldera framework, ALOHA translates threat reports into full attack playbooks and automatically tests them against simulated...

By Dark Reading
Winter Olympics Could Share Podium With Cyberattackers
News | Jan 15, 2026

The Unit 42 report warns that the Milano‑Cortina 2026 Winter Olympics will be a prime target for cyber‑criminals, nation‑state espionage groups, and hacktivists. Ransomware gangs are expected to exploit ticketing, point‑of‑sale and other critical infrastructure for extortion. State‑linked actors such as...

By Dark Reading
Vulnerabilities Surge, But Messy Reporting Blurs Picture
News | Jan 15, 2026

The National Vulnerability Database recorded a record 48,177 CVE identifiers for 2025, marking the ninth consecutive year of growth. Reporting is now dominated by new CNAs, with Patchstack, Wordfence and WPScan contributing 23% of all entries and MITRE falling to...

By Dark Reading
Trio of Critical Bugs Spotted in Delta Industrial PLCs
News | Jan 15, 2026

Researchers from OPSWAT’s Unit 515 uncovered four serious flaws in Delta Electronics’ DVP‑12SE11T programmable logic controller, including three critical CVSS 9+ vulnerabilities. Delta issued a firmware patch just before the 2026 New Year, but many OT environments may delay updates due to...

By Dark Reading
Secure Your Spot at RSAC 2026 Conference
News | Jan 14, 2026

The RSA Conference (RSAC) will convene cybersecurity leaders in San Francisco from March 23‑26, 2026, offering a platform to explore emerging strategies and bold technologies. Simultaneously, GISEC GLOBAL 2026 will gather CISOs, government officials, and ethical hackers across the Middle East and Africa...

By Dark Reading
Taiwan Endures Greater Cyber Pressure From China
News | Jan 14, 2026

Taiwan’s National Security Bureau reported an average of 2.63 million cyber attacks per day in 2025, a 6 percent rise from the prior year. Energy utilities faced a ten‑fold surge in malicious traffic while hospitals and emergency services saw attacks climb 54 percent....

By Dark Reading
CISO Succession Crisis Highlights How Turnover Amplifies Security Risks
News | Jan 13, 2026

Chief Information Security Officers are facing unprecedented turnover, with average tenure now 18‑26 months. Rapid M&A activity forces CISOs to juggle integration, risk, board advising, and crisis management, leading to burnout, with 66% reporting excessive expectations. Surveys show...

By Dark Reading
Cyberattacks Likely Part of Military Operation in Venezuela
News | Jan 7, 2026

The United States’ Jan. 3 raid that captured Venezuelan President Nicolás Maduro was accompanied by a sudden power and internet outage in Caracas, prompting speculation that U.S. Cyber Command and other agencies deployed offensive cyber capabilities. President Trump hinted at "a...

By Dark Reading
DDoSia Powers Affiliate-Driven Hacktivist Attacks
News | Jan 7, 2026

Pro‑Russian hacktivist group NoName057(16) has been leveraging a volunteer‑distributed DDoS platform called DDoSia to launch coordinated attacks against government, media and institutional websites linked to Ukraine and Western interests. The tool, now modular and cross‑platform, enables participants with minimal technical...

By Dark Reading
Startup Trends Shaking Up Browsers, SOC Automation, AppSec
News | Jan 5, 2026

Startups are reshaping cybersecurity by turning browsers into the new endpoint, leveraging Chrome’s Manifest V3 extensions for Browser Detection and Response, and applying large‑language models to AppSec and SOC automation. MV3‑based extensions from SquareX, Keep Aware and LayerX give real‑time...

By Dark Reading
Advisor360 Gets a Handle on Shadow AI via Automation
News | Jan 5, 2026

Advisor360, a wealth‑management platform, faced uncontrolled shadow AI use as employees adopted free AI tools, creating security blind spots. Its small security operations center struggled to manually vet tools, taking days to assess risk. In 2024 the firm partnered with...

By Dark Reading
CISOs Face a Tighter Insurance Market in 2026
News | Jan 5, 2026

Cyber‑insurance premiums have softened but rate cuts are slowing, and insurers now demand verifiable security controls before underwriting. Boards increasingly view cyber coverage as a non‑negotiable component of risk‑management, pairing it with robust controls rather than treating it as a...

By Dark Reading
Cybersecurity Predictions for 2026: Navigating the Future of Digital Threats
News | Jan 2, 2026

In a year‑end panel, cybersecurity leaders forecast that 2026 will be dominated by AI‑driven threats, with agentic AI and deepfake‑enabled social engineering emerging as top attack vectors. Identity management will shift toward zero‑trust models that include non‑human identities, while supply‑chain...

By Dark Reading
CTO New Year's Resolutions for a More Secure 2026
News | Jan 2, 2026

Security‑focused CTOs are setting five priority resolutions for 2026. First, they will operationalize AI governance by embedding repeatable controls, model gateways and telemetry into engineering pipelines to enforce "secure to ship" AI features. Second, they will add dedicated security controls...

By Dark Reading
Identity Security 2026: Four Predictions & Recommendations
News | Dec 31, 2025

Todd Thiemann forecasts four identity‑security trends for 2026. AI agents will move from SaaS sandboxes into core business processes, creating new breach vectors that demand holistic identity controls. Mid‑market firms, facing app sprawl, will finally adopt Identity Governance and Administration...

By Dark Reading
Cybersecurity Predictions 2026: An AI Arms Race and Malware Autonomy
News | Dec 30, 2025

Tyler Shields predicts that 2026 will see an AI‑driven escalation of both offensive cyber attacks and defensive tools, with attackers automating phishing, deep‑fakes, and vulnerability hunting at scale. Security teams will adopt autonomous containment, probabilistic exposure mitigation, and AI‑generated detection...

By Dark Reading
New Tech Deployments That Cyber Insurers Recommend for 2026
News | Dec 30, 2025

Cyber insurers see a sharp rise in AI‑driven phishing losses and a drop in vendor‑outage claims in H1 2025, prompting a shift in recommended defenses for 2026. Resilience’s Jud Dressler highlights role‑based access controls as the top technology to limit breach...

By Dark Reading
Dark Reading Confidential: Stop Secrets Creep Across Developer Platforms
News | Dec 29, 2025

Developers are increasingly leaking sensitive credentials across a growing array of platforms, from Git repositories to collaboration tools like JIRA and Slack. A recent “state of secret sprawl” report identified 23 million secrets in the public domain last year, and experts...

By Dark Reading
SBOMs in 2026: Some Love, Some Hate, Much Ambivalence
News | Dec 29, 2025

Software bills of materials (SBOMs) remain a cornerstone of supply‑chain security, yet widespread adoption stalls due to incomplete data, late‑stage generation, and open‑source gaps. Docker’s Hardened Images showcase a best‑practice model, embedding full SBOMs and Level 3 SLSA provenance, while many...

By Dark Reading
5 Threats That Defined Security in 2025
News | Dec 29, 2025

2025 was defined by a wave of high‑impact cyber threats, from the Chinese state‑backed APT Salt Typhoon targeting telecom networks and the US National Guard, to severe budget cuts at the Cybersecurity and Infrastructure Security Agency (CISA). The year also saw...

By Dark Reading
Mentorship & Diversity: Shaping the Next Generation of Cyber Experts
News | Dec 26, 2025

Patricia Voight, CISO of Webster Bank, shared her journey from telecom security to leading financial‑services cyber risk, emphasizing the sector’s constant evolution. She highlighted the bank’s mentorship and summer‑intern programs, which deliberately recruit neurodivergent talent and partner with universities. Voight...

By Dark Reading
Dark Reading Opens State of Application Security Survey
News | Dec 26, 2025

Dark Reading has launched its 2026 State of Application Security survey, extending the 2025 study that gathered insights from over 100 cybersecurity professionals. The new questionnaire adds topics like vibe coding and secure‑coding training while retaining core questions for year‑over‑year...

By Dark Reading
Industry Continues to Push Back on HIPAA Security Rule Overhaul
News | Dec 23, 2025

The U.S. Department of Health and Human Services unveiled a sweeping update to the HIPAA Security Rule in January 2025, aiming to tighten cybersecurity across hospitals and clinics. A coalition of 100 health‑care groups led by CHIME has called for...

By Dark Reading
Sprawling 'Operation Sentinel' Neutralizes African Cybercrime Syndicates
News | Dec 23, 2025

Operation Sentinel, a 19‑nation Interpol‑led effort, dismantled multiple African cybercrime syndicates, arresting 574 suspects and seizing roughly $3 million in assets. The investigation neutralized over 6,000 malicious links and decrypted six ransomware strains, uncovering $21 million in losses from BEC, extortion and...

By Dark Reading
Threat Actors Exploit Zero-Day in WatchGuard Firebox Devices
News | Dec 22, 2025

WatchGuard disclosed a critical zero‑day vulnerability (CVE‑2025‑14733) in its Firebox firewalls, enabling remote code execution via an out‑of‑bounds write in the Fireware OS. The flaw affects multiple firmware versions and specifically targets the IKEv2 VPN processes, with threat actors actively...

By Dark Reading
Uzbek Users Under Attack by Android SMS-Stealers
News | Dec 22, 2025

Group‑IB reported a fresh wave of Android SMS‑stealer campaigns targeting users in Uzbekistan since October 2025. Threat groups such as TrickyWonders, Blazefang and Ajina distribute malicious APKs via sideloading and Telegram, exploiting stolen Telegram accounts to lure contacts into installation....

By Dark Reading
LongNosedGoblin Caught Snooping on Asian Governments
News | Dec 19, 2025

ESET has identified a new Chinese‑backed advanced persistent threat group, LongNosedGoblin, conducting cyber‑espionage against Japan and other Southeast Asian governments since 2023. The group leverages custom C#/.NET malware and uniquely abuses Windows Group Policy to drop payloads and move laterally...

By Dark Reading