Taiwan Endures Greater Cyber Pressure From China
Chinese cyberattacks on Taiwan's critical infrastructure — including energy utilities and hospitals — rose 6% in 2025, averaging 2.63 million attacks a day.
https://www.darkreading.com/cyber-risk/taiwan-sees-greater-cyber-pressure-from-china
Inside Iran's Cyber Objectives: What Do They Want?
The regime's cyber-espionage strategy employs dual-use targeting, collecting info that can support both military needs and broader political objectives.
https://www.darkreading.com/cybersecurity-operations/iran-cyber-objectives
Cybersecurity Firms See Surge in AI-Powered Attacks Across Africa
Africa becomes a proving ground for AI-driven phishing, deepfakes, and impersonation, with attackers testing techniques against governments and enterprises.
Cyberattack Leads to Beer Shortage as Asahi Recovers
A ransomware last week left the Asahi brewery in Japan struggling to take orders and deliver its products domestically, as manufacturers become a favored target.
https://www.darkreading.com/ics-ot-security/cyberattack-beer-shortage-asahi-recovers
China Imposes One-Hour Reporting Rule for Major Cyber Incidents
The sweeping new regulations show that China's serious about hardening its own networks after launching widespread attacks on global networks.
Japan, South Korea Take Aim at North Korean IT Worker Scam
With the continued success of North Korea's IT worker scams, Asia-Pacific nations are working with private firms to blunt the scheme's effectiveness.
https://www.darkreading.com/cybersecurity-operations/japan-south-korea-north-korean-it-worker-scam
Hacked Routers Linger on the Internet for Years, Data Shows
While trawling Internet scan data for signs of compromised infrastructure, researchers found that asset owners may not know for years their devices had been hacked.
Varonis Acquires Email Security Provider SlashNext to Enhance BEC Defenses
Varonis plans to integrate SlashNext's advanced phishing, BEC, and social engineering attack protection capabilities into its data security platform.
NIST Enhances Security Controls for Improved Patching
The US National Institute of Standards and Technology released Security and Privacy Control version 5.2.0 to help organizations be more proactive regarding patching.
Prepping the Front Line for MFA Social Engineering Attacks
Attackers will continue to evolve, and the help desk will always be a target. But with the right mix of training, support, and trust, frontline agents can become your biggest security assets.
DARPA: Closing the Open Source Security Gap With AI
DARPA's Kathleen Fisher discusses the AI Cyber Challenge at DEF CON 33, and the results that proved how automation can help patch vulnerabilities at scale.
https://www.darkreading.com/cloud-security/darpa-closing-open-source-security-gap-ai
60 RubyGems Packages Steal Data From Annoying Spammers
A Dark Web antihero has been stealing and then reselling credentials from unsavory online characters. Their motives are questionable, but the schadenfreude is irresistible.
https://www.darkreading.com/threat-intelligence/60-rubygems-packages-steal-spammers
Ransomware Attacks Fall by Almost Half in Q2
https://www.darkreading.com/cyberattacks-data-breaches/ransomware-attacks-fall-almost-half-q2
Silver Fox APT Blurs the Line Between Espionage & Cybercrime
Silver Fox is the Hannah Montana of Chinese threat actors, effortlessly swapping between petty criminal and nation-state-type attacks.
https://www.darkreading.com/threat-intelligence/silver-fox-apt-espionage-cybercrime
Privilege Escalation Issue in Amazon ECS Leads to IAM Hijacking
A software developer discovered a way to abuse an undocumented protocol in Amazon's Elastic Container Service to escalate privileges, cross boundaries and gain access to other cloud resources.
https://www.darkreading.com/cloud-security/privilege-escalation-amazon-ecs-iam-hijacking
'Samourai' Cryptomixer Founders Plead Guilty to Money Laundering
As part of their plea deal, the cybercriminal founders will also have to forfeit more than $200 million.
https://www.darkreading.com/threat-intelligence/cryptomixer-founders-guilty-money-laundering
Citizen Lab Founder Flags Rise of US Authoritarianism
Citizen Lab director and founder Ron Deibert explained how civil society is locked in "vicious cycle," and human rights are being abused as a result, covering Israeli spyware, the Khashoggi killing, and an erosion of democratic norms in the US.
https://www.darkreading.com/vulnerabilities-threats/citizen-lab-founder-us-authoritarianism
The Critical Flaw in CVE Scoring
With informed decision-making, organizations can strengthen their overall resilience and maintain the agility needed to adapt to emerging threats, without sacrificing innovation or productivity.
https://www.darkreading.com/vulnerabilities-threats/critical-flaw-cve-scoring
Critical Zero-Day Bugs Crack Open CyberArk, HashiCorp Password Vaults
Secrets managers hold all the keys to an enterprise's kingdom. Two popular ones had longstanding, critical, unauthenticated RCE vulnerabilities.
Attackers Exploit Critical Trend Micro Apex One Zero-Day Flaw
Two critical vulnerabilities affect the security vendor's management console, one of which is under active exploitation. The company has updated cloud-based products but won't have a patch for its on-premises version until mid-August.
Customer, Employee Data Exposed in Nippon Steel Breach
Information from the company's NS Solutions subsidiary has yet to show up on any Dark Web sites, but it doesn't rule out the possibility that the data may have been stolen.
https://www.darkreading.com/threat-intelligence/customer-employee-data-nippon-steel-breach
North American APT Uses Exchange Zero-Day to Attack China
Stories about Chinese APTs attacking the US and Canada are plentiful. In a turnabout, researchers found what they believe is a North American entity attacking a Chinese entity, thanks to a mysterious issue in Microsoft Exchange.
North Korea's TA406 Targets Ukraine for Intel
The threat group's goal is to help Pyongyang assess risk to its troops deployed in Ukraine and to figure out if Moscow might want more.
https://www.darkreading.com/cyberattacks-data-breaches/north-koreas-ta406-targets-ukraine
New ISAGCA Report Explores Zero-Trust Outcomes in OT Cybersecurity
Mimecast Announces Acquisition of Aware, Doubles Down on AI-Powered Human Risk Management Capabilities
DigiCert to Acquire Vercara
https://www.darkreading.com/cloud-security/digicert-to-acquire-vercara
Guardz Launches Free 'Community Shield' Plan to Empower MSPs
Gcore Radar Report Shows 46% Increase in Number of DDoS Attacks in First Half of 2024
US Data Breach Victim Numbers Increase by 1,000%, Literally
Though the number of victims has risen, the actual number of breaches has gone down, as fewer, bigger breaches affect more individuals.
https://www.darkreading.com/cyberattacks-data-breaches/us-data-breach-victim-numbers-increase-1000