The Latest
-
Senior NSC official said US needs to embrace offensive cyber
Alexei Bulazel said the administration is unapologetically in favor of using offensive capabilities to deter the nation’s adversaries.
-
Deep Dive
How AI and politics hampered the secure open-source software movement
Tech giants pledged millions to secure open-source code. Then AI came along.
-
Mitsubishi Electric agrees to buy Nozomi Networks in deal valued at about $1B
The agreement is part of a larger strategy for Mitsubishi to develop one-stop security capabilities in the OT space.
-
Bridgestone Americas continues probe as it looks to restore operations
The tiremaker disclosed a cyberattack just days after Jaguar Land Rover was impacted by a major hack that also disrupted production at certain locations.
-
Salesloft platform integration restored after probe reveals monthslong GitHub account compromise
An investigation by Mandiant found the attack began months ago, leading to a major supply chain attack.
-
Data security gaps stymy enterprise AI plans
Nearly three-quarters of CIOs and CISOs see information complexity as an adoption roadblock.
-
Swiss Re warns of rate deterioration in cyber insurance
Competition among insurers has forced them to offer concessions on premiums, limits and controls.
-
Marriott checks out AI agents amid technology transformation
The multinational hospitality giant is building a model-agnostic chassis featuring an agentic layer.
-
Researchers warn of zero-day vulnerability in SiteCore products
Mandiant said it was able to disarm a ViewState deserialization attack leveraging exposed ASP.NET keys.
Updated Sept. 4, 2025 -
Deep Dive
How the newest ISAC aims to help food and agriculture firms thwart cyberattacks
Food industry executives used to shrug off ransomware and cyber-espionage risks. A threat intel group is helping to change that, but its reach remains unclear.
-
Cloudflare, Proofpoint say hackers gained access to Salesforce instances in attack spree
The breaches are part of hundreds of potential supply chain attacks linked to Salesloft Drift.
-
Palo Alto Networks, Zscaler customers impacted by supply chain attacks
A hacking campaign using credentials linked to Salesloft Drift has impacted a growing number of companies, including downstream customers of leading cybersecurity firms.
-
Deep Dive
FCC investigation could derail its own IoT security certification program
Internet of Things device makers are eager to participate, but the commission’s concerns about its lead administrator have halted progress of the U.S. Cyber Trust Mark program.
-
US, allies warn China-linked actors still targeting critical infrastructure
An advisory from 13 countries says state-backed hackers continue trying to breach telecommunications systems and other vital networks.
-
Federal, state officials investigating ransomware attack targeting Nevada
The Sunday attack disrupted key services across the state and led to the theft of some data.
Updated Aug. 29, 2025 -
NetScaler warns hackers are exploiting zero-day vulnerability
The company is urging customers to patch their devices immediately, saying the flaw could lead to denial of service or remote code execution.
-
Safety-critical industries wary about using AI for cybersecurity
Finance, tech and professional services are among the sectors with the widest adoption of AI-based security tools, according to a new report.
-
Hackers steal data from Salesforce instances in widespread campaign
Google researchers say the hackers abused a third-party tool in an attack spree designed to harvest credentials.
Updated Aug. 29, 2025 -
Execs worry about unknown identity-security weaknesses
Credential theft attacks prove that companies need to do better, but business leaders cited many reasons for slow progress.
-
CISOs grow more concerned about risk of material cyberattack
A report by Proofpoint shows growing anxiety among security leaders about their companies’ cyber readiness.
-
Credential harvesting campaign targets ScreenConnect cloud administrators
Researchers warn that attackers are using compromised Amazon email accounts in spear-phishing attacks that may lead to ransomware infections.
-
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
CISA updates SBOM recommendations
The document is primarily meant for federal agencies, but CISA hopes businesses will also use it to push vendors for software bills of materials.
-
China-nexus hacker Silk Typhoon targeting cloud environments
The state-linked espionage group has exploited zero-day flaws in Commvault and Citrix Netscaler, researchers say.
-
US charges Oregon man in vast botnet-for-hire operation
Federal prosecutors called Rapper Bot one of the most powerful DDoS botnets in history.
-
Cyber, AI drive software spending to double-digit growth through 2029
Cloud security and identity and access management tool purchases insulated the market from tariff-induced economic shocks, according to Forrester.