Latest Intelligence
⚡ Weekly Recap: VPN 0-Day, Encryption Backdoor, AI Malware, macOS Flaw, ATM Hack & More
The article highlights the evolving nature of malware, which is now designed to be more relatable and believable, resembling developer tools and leveraging open-source trust. This shift indicates a new trend where malicious code not only aims to be harmful but also to integrate seamlessly into legitimate environments.
Cybersecurity M&A Roundup: 44 Deals Announced in July 2025
In July 2025, a total of 44 merger and acquisition deals in the cybersecurity sector were announced, indicating a significant trend in the industry. This activity reflects ongoing consolidation and investment in cybersecurity solutions.
Man-in-the-Middle Attack Prevention Guide
Man-in-the-middle (MITM) attacks are stealthy cyber intrusions that exploit weaknesses in communication protocols, allowing attackers to position themselves between two unsuspecting parties. These attacks can go unnoticed for long periods, making them particularly dangerous.
Northwest Radiologists Data Breach Impacts 350,000 Washingtonians
Northwest Radiologists reported a data breach in January 2025 that compromised the personal information of 350,000 residents in Washington State. The breach highlights significant concerns regarding the security of sensitive personal data.
The Wild West of Shadow IT
The article highlights the challenge of Shadow IT, where employees can independently install applications without IT approval, leading to potential security vulnerabilities. This democratization of IT has outpaced traditional security measures, posing risks to organizational security.
Several Vulnerabilities Patched in AI Code Editor Cursor
The article discusses several vulnerabilities in the AI code editor Cursor that allow attackers to modify sensitive MCP files, enabling the execution of arbitrary code without user consent. This poses a significant security risk to users of the software.
Gene Sequencing Giant Illumina Settles for $9.8M Over Product Vulnerabilities
Illumina has agreed to pay $9.8 million to resolve allegations that its products supplied to the US government contained cybersecurity vulnerabilities. This settlement highlights the importance of addressing security flaws in critical technology.
PlayPraetor Android Trojan Infects 11,000+ Devices via Fake Google Play Pages and Meta Ads
Researchers have identified a new Android remote access trojan (RAT) named PlayPraetor that has infected over 11,000 devices, mainly in several countries, including Portugal and Spain. The rapid increase in infections, exceeding 2,000 per week, is attributed to targeted campaigns aimed at Spanish- and French-speaking users.
CL-STA-0969 Installs Covert Malware in Telecom Networks During 10-Month Espionage Campaign
A state-sponsored threat actor identified as CL-STA-0969 has targeted telecommunications organizations in Southeast Asia, executing a 10-month espionage campaign to gain remote control over compromised networks. The attacks, noted by Palo Alto Networks Unit 42, specifically focused on critical telecommunications infrastructure from February to November 2024.
New ‘Plague’ PAM Backdoor Exposes Critical Linux Systems to Silent Credential Theft
Researchers have discovered a new Linux backdoor called Plague, which went undetected for a year. This malicious PAM (Pluggable Authentication Module) allows attackers to bypass authentication and maintain persistent SSH access to critical systems.
Akira Ransomware Exploits SonicWall VPNs in Likely Zero-Day Attack on Fully-Patched Devices
SonicWall SSL VPN devices are being targeted by Akira ransomware in a series of attacks that began in late July 2025. Researchers have noted multiple pre-ransomware intrusions involving VPN access through these devices.
What is the Role of Provable Randomness in Cybersecurity?
The article highlights the critical importance of random number generation in cryptographic security, particularly as organizations transition to quantum-resistant algorithms. It emphasizes the need to scrutinize the randomness that supports these algorithms to ensure robust security.
Dark Reading News Desk Turns 10, Back at Black Hat USA for 2025
Dark Reading's News Desk is celebrating its 10th anniversary at Black Hat USA 2025, offering interviews and insights into the latest cybersecurity research without the need to travel to Las Vegas. This initiative aims to keep the cybersecurity community informed about important developments in the field.
Gen Z in the Crosshairs: Cybercriminals Shift Focus to Young, Digital-Savvy Workers
Cybercriminals are increasingly targeting Gen Z workers, who are characterized as young and digital-savvy. This shift raises the question of whether Gen Z should be considered a distinct attack surface within organizations.
Cursor AI Code Editor Fixed Flaw Allowing Attackers to Run Commands via Prompt Injection
A high-severity security flaw in the Cursor AI code editor has been disclosed, allowing potential remote code execution through prompt injection. The vulnerability, tracked as CVE-2025-54135, has been patched in version 1.3 released on July 29, 2025.