DentaQuest Data Breach Exposes 26 Million Accounts
A serious security incident has exposed the personal information of over 2.6 million clients at DentaQuest, a provider of dental benefits management services.
Cybersecurity
CISA Warns of Critical Magento RCE Flaw in Mirasvit Cache Warmer
CISA flags a critical Magento RCE vulnerability (CVE-2026-45247) in Mirasvit Cache Warmer, urging immediate patching to prevent server takeovers and data theft.
Operation KRATOS: 29 Arrests in Global Crackdown on Illegal Streaming
International law enforcement dismantles nine criminal groups in a seven-month crackdown on illegal streaming networks, seizing 27,000 links and 722,000 counterfeit items.
US DoJ Dismantles Crypto Fraud Networks Across Southeast Asia
The US Department of Justice has shut down crypto fraud networks in Southeast Asia, freezing $3.8M and disrupting millions of fraudulent accounts in a week-long operation.
Afghan Finance Ministry Hit by Pakistan-Linked Cyberespionage
Afghanistan's Finance Ministry targeted in Xeno RAT cyberespionage campaign linked to Pakistan, exploiting weak cybersecurity defenses.
Chinese Hackers Deploy New Atlas Malware in European Cyberattacks
Chinese cybercriminals expand operations to Europe using Atlas RAT malware and backdoor for data theft and remote control.
Cybercriminals Use AI to Automate EDR Evasion Attacks
Hackers are now using automated tools and AI to bypass EDR protections like Sophos and CrowdStrike, raising the stakes for enterprise security teams.
Cyber Threats Target Fuel Tank Monitoring Systems
Authorities warn of cyberattacks targeting Automatic Tank Gauge systems, exposing critical fuel and liquid infrastructure to risks.
Chinese Espionage in Latin America: A Growing Cyber Threat
Chinese-linked cyberespionage groups are targeting Latin American infrastructure, raising concerns over regional security and geopolitical influence.
Google Gemini Vulnerable to Android Notification Attacks
A malicious notification via WhatsApp or Slack could compromise Google Gemini on Android, enabling unauthorized actions without malware installation.
Cyber Insurance Premiums Drop, But Coverage Shrinks
Cyber insurance rates are finally falling after years of steep increases, but insurers are tightening exclusions, leaving businesses with less protection.
HTTP/2 Bomb Attack: Web Servers Crash in Under a Minute
A new security vulnerability called HTTP/2 Bomb allows a single machine to crash web servers in under a minute by exploiting the HTTP/2 protocol.
Critical Microsoft 365 Flaw on Android Compromises User Accounts
A default-disabled security setting in Microsoft 365 Android apps exposed user accounts to takeover attacks, risking sensitive data.
Outlook Hack Spies on Stock Exchange Executive for 5 Months
A cyberespionage group compromised an executive's Outlook account for five months, monitoring sensitive corporate communications and movements.
CISA Warns of Active Exploits Targeting Android and Linux Flaws
CISA alerts admins and users to critical Linux and Android kernel vulnerabilities being actively exploited. Urgent patching is required to prevent intrusions.
Why One-Time Cybersecurity Tests Fail Banks: The Case for Continuous Monitoring
Banks relying on periodic penetration tests leave critical vulnerabilities exposed for nearly a year. Continuous cybersecurity monitoring is the solution.
FSB Accuses Foreign Spies of Malware-Based Espionage
Russia's FSB claims foreign spies used malware to spy on officials, but offers no concrete evidence or details in its vague announcement.
VS Code Security Flaw Exposes GitHub OAuth Tokens in One Click
A critical VS Code vulnerability allows attackers to steal GitHub OAuth tokens with a single malicious link, granting access to private repositories.
Google Gemini Vulnerable to Malicious Notifications?
A prompt injection flaw in Google's Gemini voice assistant could let attackers inject malicious commands via notifications, enabling social engineering attacks.
.png?width=1280&auto=webp&quality=80&disable=upscale){kind=logo}
Name That Toon Contest Celebrates 20 Years of Cybersecurity Humor
Dark Reading's iconic Name That Toon contest marks two decades of blending cybersecurity humor with community engagement.