"How to break the security theater illusion."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 18 June 2025, 1515 UTC.

Content and Source:  Email subscription via https://feedly.com.

 https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fwww.darkreading.com%2Frss%2Fall.xml

Please check email link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Dark Reading

139K followers39 articles per week

#security#tech

34

Most popular

How to Break the Security Theater Illusion

39by Joan Goodchild / 1d

When security becomes a performance, the fallout isn't just technical. It's organizational.

How CISOs Can Govern AI & Meet Evolving Regulations

by Ben de Bont / 1h

Security teams are no longer just the last line of defense — they are the foundation for responsible AI adoption.

Serpentine#Cloud Uses Cloudflare Tunnels in Sneak Attacks

18 TTPs

•

by Alexander Culafi, Senior News Writer, Dark Reading / 2h

An unidentified threat actor is using .lnk Windows shortcut files in a series of sophisticated attacks utilizing in-memory code execution and living-off-the-land cyberattack strategies.

Yesterday

Indian Car-Sharing Firm Zoomcar Latest to Suffer Breach

3 TTPs

•

by Robert Lemos, Contributing Writer / 11h

•

Zoomcar reports data breach

The company acknowledged that cybercriminals had taken sensitive information on more than 8 million users, including names, phone numbers, car registration numbers, addresses, and emails.

'HoldingHands' Acts Like a Pickpocket With Taiwan Orgs

17 TTPs

•

by Jai Vijayan, Contributing Writer / 18h

•

Silver Fox APT targets Taiwan users

Since at least January, the threat actor has been employing multiple malware tools to steal information for potential future attacks against Taiwanese businesses and government agencies.

Private 5G: New Possibilities — and Potential Pitfalls

by Richard Thurston / 23h

While ushering in "great operational value" for organizations, private 5G networks add yet another layer to CISOs' responsibilities.

The Cyber Future Is Riskier Than You Think

by Rashmi Tallapragada / 1d

Sound suggestions on how to tackle four "quiet problems" that often slip through the security cracks.

Operation Endgame: Do Takedowns and Arrests Matter?

by James Shank / 1d

Cybercrime response needs more aggressive actions from those seeking to protect victims and pursue criminals.

Hackers Exploit Critical Langflow Flaw to Unleash Flodrix Botnet

12 TTPs

•

by Elizabeth Montalbano, Contributing Writer / 1d

•

CVE-2025-3248

A vulnerability in the popular Python-based tool for building AI agents and workflows is under active exploitation, allowing for full system compromise, DDoS attacks, and potential loss or theft of sensitive data

WestJet Airlines App, Website Suffer After Cyber Incident

by Kristina Beek, Associate Editor, Dark Reading / 1d

Though its operations are running smoothly, the airline warned customers and employees to exercise caution when sharing personal information online.

Jun 16, 2025

Malicious Chimera Turns Larcenous on Python Package Index

10 TTPs

•

by Jai Vijayan, Contributing Writer / 1d

•

Malicious packages target developers' data

Unlike typical data-stealing malware, this attack tool targets data specific to corporate and cloud infrastructures in order to execute supply chain attacks.

Anubis Ransomware-as-a-Service Kit Adds Data Wiper

9 TTPs

•

by Alexander Culafi, Senior News Writer, Dark Reading / 1d

•

Anubis ransomware adds wiper feature

The threat of wiping files and servers clean gives Anubis affiliates yet another way to leverage ransomware victims who may be hesitant to pay to get their data back, Trend Micro said.

Washington Post Staffer Emails Targeted in Cyber Breach

2 TTPs

•

by Kristina Beek, Associate Editor, Dark Reading / 1d

Journalists' Microsoft accounts were breached, which would have given attackers access to emails of staff reporters covering national security, economic policy, and China.

'Water Curse' Targets Infosec Pros via Poisoned GitHub Repositories

23 TTPs

•

by Elizabeth Montalbano, Contributing Writer / 1d

•

Water Curse exploits GitHub for malware

The emerging threat group attacks the supply chain via weaponized repositories posing as legitimate pen-testing suites and other tools that are poisoned with malware.

Security Is Only as Strong as the Weakest Third-Party Link

by Shimon Modi / 2d

Third-party risks are increasing dramatically, requiring CISOs to evolve from periodic assessments to continuous monitoring and treating partner vulnerabilities as their own to enhance organizational resilience.

NIST Outlines Real-World Zero-Trust Examples

NIST releases Zero Trust guidance

•

by Fahmida Y. Rashid / 2d

SP 1800-35 offers 19 examples of how to implement zero-trust architecture (ZTA) using off-the-shelf commercial technologies.