Critical Flaw in Langflow AI Platform Under Attack
Threats actors pounced on the code injection vulnerability within hours of its disclosure, demonstrating that organizations have little time to address critical bugs.
Tag
#dark-reading
98 articles found
Automotive Cybersecurity Threats Grow in Era of Connected, Autonomous Vehicles
More than a decade since the 2015 Jeep hack, the cybersecurity of vehicles remains of the utmost importance.
Is the FCC's Router Ban the Wrong Fix?
The agency put foreign-made consumer routers on its list of prohibited communications devices, but the ban could create more problems down the road.
CSA Launches CSAI Foundation for AI Security
The Cloud Security Alliance creates a dedicated nonprofit to govern autonomous AI agent ecosystems through risk intelligence and certification.
Ex-NSA Directors Discuss 'Red Line' for Offensive Cyberattacks
Four former NSA chiefs representing a near-complete history of US Cyber Command debated and discussed the role of offensive cyber in the government.
AI-Native Security Is a Must to Counter AI-Based Attacks
Attacks by artificial intelligence agents are a reality. Experts at Nvidia's GTC conference say defenders need to use the same tools to fight them off.
Microsoft Proposes Better Identity, Guardrails for AI Agents
Companies need better controls to manage key threats rising from the growth of agentic AI. These new features provide a starting point.
How a Large Bank Uses AI Digital Twins for Threat Hunting
JPMorgan Chase uses digital fingerprints and digital twins to spot online attackers and malicious behaviors while also reducing pesky false alerts.
GitHub 'OpenClaw Deployer' Repo Delivers Trojan Instead
An AI-assisted campaign is spreading more than 300 poisoned packages for diverse assets ranging from developer tools to game cheats.
How AI Coding Tools Crushed the Endpoint Security Fortress
Security vendors have spent years building up defenses around the endpoint, but one researcher says AI coding tools have brought the walls down.
Checkmarx KICS Code Scanner Targeted in Widening Supply Chain Hit
TeamPCP is the likely cyber threat actor behind attacks on Trivy, Checkmarx's KICS and VS Code plug-ins, and the LiteLLM AI library โ and all signs point to more attacks to come.
Iran Hacktivists Make Noise but Have Little Impact on War
Iran-aligned groups are trying to make their mark in the Gulf, but the results have fallen short of remarkable.
AI Dominates RSAC Innovation Sandbox
The 10 finalists will each have three minutes to make their case for being the most innovative, promising young security company of the year.
Attackers Hide Infostealer in Copyright Infringement Notices
A phishing campaign targeting healthcare, government, hospitality, and education sectors in various countries uses several evasion techniques to avoid detection.
CISOs Debate Human Role in AI-Powered Security
The idea of a "human in the loop" in AI deployment was challenged during a security executive panel at the RSAC 2026 Conference this week.
Ransomware's New Era: Moving at AI Speed
Threat actors bypass security tools and use AI to launch faster ransomware attacks that exploit valid credentials and target data
Trivy Supply Chain Attack Targets CI/CD Secrets
A threat actor used the open source security tool to deploy an infostealer into CI/CD workflows and steal cloud credentials, SSH keys, tokens, and other sensitive secrets.
AI in the SOC: What Could Go Wrong?
Two cybersecurity leaders tested out AI in their respective SOCs for six months โ and here's what they learned.
GlassWorm Malware Evolves to Hide in Dependencies
Dozens of updated, malicious GlassWorm extensions have infested Open VSX, threatening software development supply chains.
China-Nexus Hackers Skulk in Southeast Asian Military Orgs for Years
Researchers uncovered an extensive cyber espionage campaign that used novel backdoors and familiar evasion techniques to maintain persistent access to regional targets.