Dark Reading

Critical Grandstream VoIP Bug Highlights SMB Security Blind Spot

CVE-2026-2329 allows unauthenticated root-level access to SMB phones, so attackers can intercept calls, commit toll fraud, and impersonate users.
The Hacker News

From Exposure to Exploitation: How AI Collapses Your Response Window

AI compresses cyberattack timelines—32% of flaws exploited day-zero, phishing up 1,265%, forcing shift to CTEM defense models.

AI platforms can be abused for stealthy malware communication

AI assistants like Grok and Microsoft Copilot with web browsing and URL-fetching capabilities can be abused to intermediate ...

Chinese hackers exploiting Dell zero-day flaw since mid-2024

A suspected Chinese state-backed hacking group has been quietly exploiting a critical Dell security flaw in zero-day attacks ...

Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.
Dark Reading

ClickFix Attacks Abuses DNS Lookup Command to Deliver ModeloRAT

ClickFix campaigns have adapted to the latest defenses with a new technique to trick users into infecting their own machines with malware.
Security Boulevard

Firewall Penetration Testing: Definition, Process and Tools

Firewall penetration testing examines the firewall as a security control and identifies the weaknesses that allow unwanted traffic to reach internal systems.  It helps to make the network secure by ...