Dark Reading

5 Threats That Defined Security in 2025

2025 included a number of monumental threats, from global nation-state attacks to a critical vulnerability under widespread ...
The Record

Conti ransomware group adopts Log4Shell exploit

The Conti gang has become the first professional ransomware operation to adopt and incorporate the Log4Shell vulnerability in their daily operations. Scans and attacks began as early as Monday, ...
SecurityWeek

From Open Source to OpenAI: The Evolution of Third-Party Risk

Software supply chain attacks are evolving as open source and AI-generated code introduce new third-party risks. Learn how visibility and shift-left security reduce exposure.
Infosecurity-magazine.com

Log4Shell Downloaded 40 Million Times in 2025

Tens of millions of downloads of the popular Java logging library Log4j this year were vulnerable to a CVSS 10.0-rated vulnerability that first surfaced four years ago, according to Sonatype. The ...
TWCN Tech News

How to disable Exploit Protection in Windows 11

Windows doesn’t offer a single switch to disable Exploit Protection completely. You can only disable individual mitigations system-wide or per app. We strongly recommend turning it off only for ...
CoinTelegraph

Balancer exploit swells to $116M in outflows as team offers 20% bounty

Update Nov. 3, 10:42 am UTC: This article has been updated to include a section on Berachain’s emergency hard fork. Update Nov. 3, 9:47 am UTC: This article has been updated to add the latest figures, ...
ZDNet

This new Android exploit can steal everything on your screen - even 2FA codes

Pixnapping could be used to steal private data, including 2FA codes. Side-channel attack abuses Google Android APIs to steal data on display. Flaw is partially patched, although a more complete fix is ...
Bleeping Computer

Oracle silently fixes zero-day exploit leaked by ShinyHunters

Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters ...
The Verge

Unity discloses a years-old security exploit and urges developers to update their games

Unity has fixes ready to go, and Valve has released an updated version of Steam, too. Unity has fixes ready to go, and Valve has released an updated version of Steam, too. is a senior reporter ...
CSOonline

CISOs advised to rethink vulnerability management as exploits sharply rise

Surge in vulnerabilities and exploits leaving overloaded security teams with little recourse but to embrace risk-based approaches to patching what they can. Enterprise attack surfaces continue to ...
Forbes

WhatsApp Security — New $1 Million 0-Click Messaging Exploit

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Twice every year, some of the best hackers on the planet get ...