The Latest
-
Jaguar Land Rover extends production delay following cyberattack
A hacker group linked to multiple social-engineering attacks has claimed credit for the intrusion.
-
FBI warns about 2 campaigns targeting Salesforce instances
The threat groups, identified as UNC6040 and UNC6395, have used different tactics to gain access to data.
-
CISA audit sparks debate about cybersecurity pay incentives
Some Cybersecurity and Infrastructure Security Agency employees believe a recent inspector general’s report partially missed the mark.
-
CISA pledges robust support for funding, further development of CVE program
A key official from the agency said the vulnerability management program will continue with additional participation and enhancements.
-
Researchers warn VoidProxy phishing platform can bypass MFA
The service has been targeting Microsoft and Google accounts for months, opening the door to possible BEC attacks and data exfiltration.
-
Deep Dive
How the retail sector teams up to defend against cybercrime
The cyberthreat intel-sharing and collaboration group RH-ISAC is helping companies confront cyberattacks. But the challenge is delivering timely intelligence in a dynamic threat environment.
-
Ransomware insurance losses spike despite fewer claims: Resilience
AI-powered phishing, “double extortion” tactics and insurance policy theft are fueling more destructive, costly ransomware attacks, the cybersecurity firm said.
-
UK cyber leader calls for shift in focus toward continuity of critical services
Richard Horne, CEO of the National Cyber Security Centre, said the U.S. remains a key ally in the global fight against sophisticated adversaries.
-
National cyber director says US must shift risk burden toward adversaries
In his first major address after confirmation, Sean Cairncross said the U.S. needs to take bold, coordinated steps to counter authoritarian rivals.
-
Senior NSC official said US needs to embrace offensive cyber
Alexei Bulazel said the administration is unapologetically in favor of using offensive capabilities to deter the nation’s adversaries.
-
Deep Dive
How AI and politics hampered the secure open-source software movement
Tech giants pledged millions to secure open-source code. Then AI came along.
-
Mitsubishi Electric agrees to buy Nozomi Networks in deal valued at about $1B
The agreement is part of a larger strategy for Mitsubishi to develop one-stop security capabilities in the OT space.
-
Bridgestone Americas continues probe as it looks to restore operations
The tiremaker disclosed a cyberattack just days after Jaguar Land Rover was impacted by a major hack that also disrupted production at certain locations.
-
Salesloft platform integration restored after probe reveals monthslong GitHub account compromise
An investigation by Mandiant found the attack began months ago, leading to a major supply chain attack.
-
Data security gaps stymy enterprise AI plans
Nearly three-quarters of CIOs and CISOs see information complexity as an adoption roadblock.
-
Swiss Re warns of rate deterioration in cyber insurance
Competition among insurers has forced them to offer concessions on premiums, limits and controls.
-
Marriott checks out AI agents amid technology transformation
The multinational hospitality giant is building a model-agnostic chassis featuring an agentic layer.
-
Researchers warn of zero-day vulnerability in SiteCore products
Mandiant said it was able to disarm a ViewState deserialization attack leveraging exposed ASP.NET keys.
Updated Sept. 4, 2025
-
Deep Dive
How the newest ISAC aims to help food and agriculture firms thwart cyberattacks
Food industry executives used to shrug off ransomware and cyber-espionage risks. A threat intel group is helping to change that, but its reach remains unclear.
-
Cloudflare, Proofpoint say hackers gained access to Salesforce instances in attack spree
The breaches are part of hundreds of potential supply chain attacks linked to Salesloft Drift.
-
Palo Alto Networks, Zscaler customers impacted by supply chain attacks
A hacking campaign using credentials linked to Salesloft Drift has impacted a growing number of companies, including downstream customers of leading cybersecurity firms.
-
Deep Dive
FCC investigation could derail its own IoT security certification program
Internet of Things device makers are eager to participate, but the commission’s concerns about its lead administrator have halted progress of the U.S. Cyber Trust Mark program.
-
US, allies warn China-linked actors still targeting critical infrastructure
An advisory from 13 countries says state-backed hackers continue trying to breach telecommunications systems and other vital networks.
-
Federal, state officials investigating ransomware attack targeting Nevada
The Sunday attack disrupted key services across the state and led to the theft of some data.
Updated Aug. 29, 2025
-
NetScaler warns hackers are exploiting zero-day vulnerability
The company is urging customers to patch their devices immediately, saying the flaw could lead to denial of service or remote code execution.