The Latest
-
CISA urges fired probationary workers to respond after federal judge grants order
The agency plans to keep workers on paid administrative leave despite ongoing concerns about its ability to address cyber threats.
-
AI project failure rates are on the rise: report
The share of businesses scrapping most of their AI initiatives increased to 42% this year, up from 17% last year, according to S&P Global Market Intelligence.
-
Tech giants seek data standards amid AI push
Microsoft, IBM and Cisco are among the vendors backing the OASIS Data Provenance Standards Technical Committee announced last week.
-
FCC launches national security unit to counter state-linked threats to US telecoms
The new council is part of an effort to thwart Salt Typhoon and other cyber espionage groups.
-
82% of K-12 schools recently experienced a cyber incident
Cybercriminals are increasingly targeting school networks through phishing and social engineering, a cybersecurity nonprofit reported.
-
Majority of ransomware claims involved compromise of perimeter security devices
A report by cyber insurance firm Coalition shows six of every 10 ransomware claims involved a compromised VPN or firewall.
-
Former NSA cyber director warns drastic job cuts threaten national security
Rob Joyce told lawmakers mass layoffs of federal workers will hurt the ability of the U.S. to combat malicious cyber activity from China and other adversaries.
-
Eleven11bot estimates revised downward as researchers point to Mirai variant
The botnet has been involved in DDoS activity targeting telecom companies and gaming platforms.
-
CrowdStrike shares fall as company forecasts lower-than-expected results
The cybersecurity vendor is ending its customer commitment package, which was launched to help maintain existing relationships.
-
More than 86K IoT devices compromised by fast-growing Eleven11 botnet
The Iran-linked botnet has a large presence in the U.S. and is targeting telecom and other firms with DDoS attacks.
-
Microsoft-signed driver used in ransomware attacks
Threat actors are exploiting a privilege escalation flaw in Paragon Partition Manager for “bring your own vulnerable driver” (BYOVD) attacks.
-
Leaked ransomware chat logs reveal Black Basta’s targeted CVEs
The cybercrime group focused on Microsoft vulnerabilities as well as flaws in network edge devices and communications software.
-
Nearly 3K Ivanti Connect Secure instances vulnerable to critical flaw
The U.S. has the most VPNs not yet patched for CVE-2025-22467.
-
DeepSeek’s AI shake-up could boost cybersecurity risks, spending: report
The cybersecurity market could grow to $338 billion in value by 2033, driven in part by expanding AI risks, Bloomberg Intelligence analysts said.
-
Palo Alto Networks warns hackers attempting to exploit a file read flaw in firewalls
Threat actors are chaining the CVE with at least one prior flaw to enable the hack attempts.
-
Microsoft Power Pages vulnerability exploited in the wild
The high-severity privilege escalation flaw in Microsoft's website building application was disclosed and patched last week.
-
Proof-of-concept exploit released for 4 Ivanti vulnerabilities
Critical flaws in Ivanti Endpoint Manager were initially disclosed and patched last month.
Updated Feb. 20, 2025
-
US authorities warn Ghost ransomware leverages older CVEs
The China-linked threat group has targeted critical infrastructure providers in more than 70 countries.
-
Tech investment firm Insight Partners discloses data breach
The company holds equity in several major technology companies, including Wiz and Kaseya.
-
Lee Enterprises says cyberattack will likely have material impact
The newspaper chain said attackers encrypted critical applications and impacted billing, payments and print distribution.
-
SonicWall authentication flaw under threat of active exploitation
Weeks after the company released a patch, researchers warn the CVE is being targeted by threat actors.
-
Phishing campaign targets Microsoft device-code authentication flows
Russian state-sponsored hackers have attacked enterprises and government agencies in North America and overseas.
-
Trump to nominate Sean Cairncross as national cyber director
The president will tap the former RNC insider to lead the White House office that oversees the nation’s cybersecurity strategy.
-
CISA warns of hackers targeting vulnerability in Trimble Cityworks to conduct RCE
The software is widely used in projects by local governments, utilities, airports and other facilities.
-
HPE issues breach notifications for 2023 Midnight Blizzard attack
Russian state-sponsored hackers compromised the tech giant's Office 365 email environment.