Intruder built an AI-powered "vulnerability vending machine" that combines code slicing with LLMs to automatically discover ...
Microsoft Threat Intelligence identified threat actor activity with overlapping tradecraft commonly associated with ...
New research reveals cyber-attackers can spoof OAuth Client IDs in Microsoft Entra ID, creating a stealthy path into cloud ...
O-UNC-066 uses vishing and a live phishing kit to trick Microsoft 365 users into enrolling attacker-controlled Entra passkeys ...
Multiple threat actors are abusing the GitHub API to discover organizations’ repositories and members via ghost accounts.
A technical walkthrough of the kerberoasting attack: the Kerberos quirk it abuses, RC4 vs AES, and how to detect and fix it ...
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results