Day: May 18, 2026

Is 2026 the Year AI Bills of Materials Get Real?

time robot Kirsty Pargeter alamy 2iQUkT

Understanding AI BOMs and where they fit into risk management for artificial intelligence. Understanding AI BOMs and where they fit into risk management for artificial intelligence.​ ​Read More

Microsoft Exchange Zero-Day Under Attack, No Patch Available

exchange Piotr Swat Alamy 0etE6E

CVE-2026-42897 stems from a cross-site scripting (XSS) vulnerability and can allow an attacker to compromise Outlook Web Access (OWA) mailboxes. CVE-2026-42897 stems from a cross-site scripting (XSS) vulnerability and can allow an attacker to compromise Outlook Web Access (OWA) mailboxes.​ ​Read More

‘Claw Chain’ Vulnerabilities Threaten OpenClaw Deployments

openclaw jackpress shutterstock CsFJK6

The now-patched vulnerabilities in the rapidly growing AI agent framework allow attackers to steal credentials, escalate privileges, and maintain persistence. The now-patched vulnerabilities in the rapidly growing AI agent framework allow attackers to steal credentials, escalate privileges, and maintain persistence.​ ​Read More

Shai-Hulud Worm Clones Spread After Code Release

sandworms FlixPix Alamy 2PyrV8

The release of Shai-Hulud source code spells trouble for software developers as researchers worry the self-replicating worm could scale. The release of Shai-Hulud source code spells trouble for software developers as researchers worry the self-replicating worm could scale.​ ​Read More

Fuel Tank Breaches Expand Scope of Iran’s Cyber Offensive

iran1800 Hakan Gider alamy DBN9Dm

Security experts have long warned that insecure automatic tank gauge (ATG) systems exposed on the Internet can be tampered with by threat actors. Security experts have long warned that insecure automatic tank gauge (ATG) systems exposed on the Internet can be tampered with by threat actors.​ ​Read More

The Boring Stuff Is Dangerous Now

cyberattack fear Yuri Arcurs Alamy aqiVhV

AI agents capable of discovering and exploiting obscure vulnerabilities are emerging alongside developers producing vast amounts of potentially flawed AI-generated code, forcing defenders to adapt accordingly. AI agents capable of discovering and exploiting obscure vulnerabilities are emerging alongside developers producing vast amounts of potentially flawed AI-generated code, forcing defenders to adapt accordingly.​ ​Read More

Boulevard of Broken Dreams: 2 Decades of Cyber Fails

decay DBURKE alamy PI9GgI

From the MGM and Caesars fiasco and MOVEit’s patch nightmare to epic business blunders and the jaded reality of living in a post-breach world, Dark Reading looks back at the mistakes, miscalculations, systemic failures, and cringeworthy moments that still have us shaking our heads. From the MGM and Caesars fiasco and MOVEit’s patch nightmare to epic […]