Dark Reading

Lack of MFA Is Common Thread in Vast Cloud Credential Heist

A threat actor that goes by "Zestix" used several infostealers to obtain credentials and breach file-sharing instances of ...

ownCloud urges users to enable MFA after credential theft reports

File-sharing platform ownCloud warned users today to enable multi-factor authentication (MFA) to block attackers using ...
Mobile ID World

Rijswijk Demo Links Municipal Proof-of-Birth Data to an EUDI Wallet Using OOTS

Dutch public-sector participants have demonstrated a proof-of-birth credential flow in which a resident retrieves a municipal birth certificate and loads it into a digital identity wallet designed to ...
Mobile ID World

Kentucky Launches Mobile ID for TSA Screening, Pitching On-Device Storage and Data Minimization

The Kentucky Transportation Cabinet describes the credential as an mDL-style digital identity stored directly on the user’s device. During presentation, the state says the app uses Bluetooth-based ...
CSO Online

Microsoft warns of a surge in phishing attacks exploiting email routing gaps

Threat actors are abusing misconfigured MX records and weak DMARC/SPF policies to make phishing emails look internal, ...

Dozens of organizations fall victim to infostealers after failing to enforce MFA

How the devices ended up compromised is unclear, but what matters is that Zestix was able to use the credentials to access ...
Unite.AI

The Secretless Imperative: Why Traditional Security Models Break When AI Agents Touch Code

In April 2023, Samsung discovered its engineers had leaked sensitive information to ChatGPT. But that was accidental. Now imagine if those code repositories had contained deliberately planted ...

Lockly Smart Safe XL promises more secure storage at home

With increased capacity, NFC, fingerprint ID, and app alerts, Lockly’s latest smart safe enhances home security and smart ...
TechCentral

The next wave: 10 technologies that will define 2026

These are the technology trends that are poised to shape the year ahead – and no, it’s all not all about artificial ...

This critical severity flaw in D-Link DSL gateway devices could allow for remote code execution

CVE-2026-0625, a critical command injection flaw (9.3/10), is being actively exploited in legacy D-Link gateway routers ...
Dark Reading

Critical 'MongoBleed' Bug Under Attack, Patch Now

The memory leak security vulnerability allows unauthenticated attackers to extract passwords and tokens from MongoDB servers.
DataBreachToday

Zero Trust for the Age of Autonomous AI Agents - Part 1

Zero trust was built for humans, not autonomous AI agents. As organizations adopt agentic AI at scale, human-centric security ...