The Latest
-
Just_Super/Getty Images via Getty Images
Pharmaceutical firm Inotiv investigating ransomware attack that disrupted operations
The company says it doesn’t yet know if the incident will have a material impact.
-
Alamy
Palo Alto Networks shares surge after company releases strong annual forecast
The cybersecurity firm said its “platformization” strategy is beginning to pay dividends as more large customers consolidate their spending on its offerings.
-
da-kuk via Getty Images
Businesses focus on AI, cloud, despite cyber defense oversights
Recent surveys found enterprises are enthusiastically adopting AI, even as they neglect basic cybersecurity measures.
-
BlackJack3D via Getty Images
NIST seeks input on control overlays for securing AI systems
The federal agency plans to develop guidance to organizations about various AI use cases.
-
funky-data via Getty Images
Developers knowingly push vulnerable code, despite growing breach risk
Only three in 10 respondents said their application security programs were highly mature.
-
Danai Jetawattana via Getty Images
Cybersecurity ranks among top three risks to manufacturing sector
Most companies are planning major AI investments to address growing threats to OT systems.
-
Justin Sullivan via Getty Images
Water sector expands partnership with volunteer hackers
As threats to critical infrastructure grow and government funding stagnates, operators are turning to civic-minded volunteers from the cybersecurity industry.
-
Eric Geller/Cybersecurity Dive
Trump administration cyber cuts eroding private sector’s trust, confidence
A report by Swimlane shows companies are reducing cybersecurity spending and security teams are experiencing increasing pressure.
Updated Aug. 14, 2025 -
Samuel Corum via Getty Images
White House urged to revamp cyber regulations
A leading trade group said the Trump administration should rein in a major pending cybersecurity rule as well as embrace AI-based cyber defenses.
-
baranozdemir via Getty Images
US agencies, international allies issue guidance on OT asset inventorying
The guidance includes specific examples for three critical infrastructure sectors that held workshops with CISA.
-
Courtesy of Xerox
Xerox patches critical vulnerability in FreeFlow Core application
Researchers at Horizon3.ai discovered the flaw after flagging unusual behavior in a customer environment.
Updated Aug. 13, 2025 -
HJBC via Getty Images
CISA, Microsoft update guidance on Exchange Server vulnerability
Officials reiterated their belief that hackers were not exploiting the flaw, but nonetheless urged users to immediately check their systems.
-
Courtesy of Nucor
Financial impact from severe OT events could top $300B
A report from industrial cybersecurity firm Dragos highlights growing risks of business interruption and supply-chain disruptions.
-
Justin Sullivan/Getty Images via Getty Images
Citrix NetScaler flaws lead to critical infrastructure breaches
Dutch authorities said hackers penetrated several critical infrastructure providers, in a warning sign for vulnerable organizations elsewhere.
Updated Aug. 12, 2025 -
Douglas Rissing via Getty Images
DOJ, international partners take down BlackSuit group’s infrastructure
BlackSuit has been among the most prolific ransomware gangs in recent years, targeting government agencies, critical manufacturing companies and healthcare firms.
-
Alexander Sikov via Getty Images
Research shows AI agents are highly vulnerable to hijacking attacks
Experts from Zenity Labs demonstrated how attackers could exploit widely deployed AI technologies for data theft and manipulation.
-
Eric Geller/Cybersecurity Dive
Cyber experts ponder a non-government future for the CVE program
Organizations supporting the security vulnerability program said it needed changes to improve stability and rebuild trust.
-
Eric Geller/Cybersecurity Dive
DARPA touts value of AI-powered vulnerability detection as it announces competition winners
The U.S. military research agency hopes to foster a new ecosystem of autonomous vulnerability remediation.
-
Eric Geller/Cybersecurity Dive
CISA officials say agency is moving ahead despite workforce purge
Two senior officials defended the agency’s progress amid concerns about the effects of mass layoffs and budget cuts.
-
Chainarong Prasertthai via Getty Images
Financially motivated cluster a key player in ToolShell exploitation
Researchers from Palo Alto Networks detail ransomware deployment and malicious backdoors in a campaign against Microsoft SharePoint users.
-
Patrick Smith via Getty Images
NSA partnering with cyber firms to support under-resourced defense contractors
The spy agency has sought out creative ways to help protect small companies supplying the U.S. military.
-
Just_Super/Getty Images via Getty Images
SonicWall says recent attack wave involved previously disclosed flaw, not zero-day
The company said it had linked recent hacks to customers’ use of legacy credentials when migrating from Gen 6 to Gen 7 firewalls.
-
Jeenah Moon via Getty Images
CISA, Microsoft warn about new Microsoft Exchange server vulnerability
The flaw could enable a hacker to perform a “total domain compromise” on affected systems, CISA said.
Updated Aug. 7, 2025 -
Eric Geller/Cybersecurity Dive
US still prioritizing zero-trust migration to limit hacks’ damage
The zero-trust initiative, which gained steam during the Biden administration, is still underway.
Updated Aug. 7, 2025 -
Permission granted by Kesserling Communications
CISA’s relationship with industry needs work to reestablish trust, experts say
Critics say budget cuts, job losses have hurt the agency’s ability to coordinate with private industry.
