The Latest
-
Michael M. Santiago via Getty Images
FBI warns about PhaaS platform used to access Microsoft 365 environments
Device code phishing enabled hackers to bypass multifactor authentication without credentials.
-
Michael Gruber via Getty Images
Iranian government, not hacktivist group, breached LA Metro system, security firm says
A report by Israel-based Gambit Security dismisses the hackers’ claims of being patriotic but unaffiliated activists.
-
Michael Gruber via Getty Images
Iran-linked hackers target key US, allied sectors with sophisticated spear-phishing messages
Companies, particularly those in the affected industries, should harden their defenses against impersonation schemes, Palo Alto Networks said.
-
Courtesy of Darren McGee/ Office of Governor Kathy Hochul
New York regulator calls for additional cyber mitigation amid heightened threat environment
The guidance from the state Department of Financial Services arises from concerns about frontier AI and threats linked to the Iran war and other geopolitical risks.
-
Getty Images
Grafana Labs links GitHub environment breach to TanStack npm supply chain attack
The company behind the widely used observability platform refused an extortion demand and has since taken steps to harden its security.
-
Getty Images
CISA asks cybersecurity community to alert it to vulnerability exploitation
The agency wants to ensure that its public catalog of actively exploited flaws is as comprehensive as possible.
-
Leon Neal / Staff via Getty Images
Compromised coding tool helped hackers breach thousands of GitHub repositories
The attack is the latest example of hackers’ intense focus on open-source packages.
-
Getty Images
Microsoft disrupts cybercrime operation that hid behind legitimate software
The Fox Tempest malware-signing-as-a-service operation was linked to numerous ransomware attacks.
-
Telecom sector launches its own private ISAC
Federal government involvement in an existing group chilled some cybersecurity discussions among major telecom providers. The new group is intended to alleviate those anxieties.
-
Getty Images
Patch bypass allows hackers to exploit prior flaw in SonicWall SSL-VPN
Researchers said a wave of attacks began in February targeting firewalls that appeared to be protected.
-
Eric Geller/Cybersecurity Dive
Deep DiveHow a government contest launched a revolution in AI-based bug hunting
Security researchers have spent months honing AI systems that can find and fix serious vulnerabilities. Critical infrastructure everywhere could benefit.
-
Getty Images
Grafana Labs says hacker gained access to codebase through leaked token
The company, which operates a widely used observability platform, is refusing to pay an extortion demand.
Updated May 19, 2026 -
Getty Images
Attackers exploit critical flaw in Cisco Catalyst SD-WAN Controller
Researchers discovered the authentication bypass vulnerability while investigating a prior issue in the same service.
-
MF3d via Getty Images
Frontier AI models reap rapid discovery of security vulnerabilities
Security teams have just a few months before AI-driven exploitation becomes the norm, researchers warn.
-
Getty Images
West Pharmaceutical starts restoring operations after ransomware attack
The company confirmed data was stolen and encrypted by the attackers.
-
Courtesy of Foxconn
Foxconn confirms cyberattack affecting some North American facilities
A ransomware group has claimed a major attack against the electronics manufacturer.
-
Getty Images
Instructure confirms cybersecurity incident
The ed tech company that operates Canvas said information impacted by the data breach includes messages, names, email addresses and student ID numbers.
-
Justin Sullivan via Getty Images
OpenAI launches Daybreak to combat cyber threats
The cybersecurity initiative uses AI to detect software vulnerabilities, partnering with Cloudflare, Cisco and CrowdStrike to counter threats.
-
Eric Geller/Cybersecurity Dive
AI and an absent government: Takeaways from RSAC 2026
Cybersecurity professionals discussed the balance between autonomy and oversight at the recent conference.
-
Getty Images
Identity takes center stage as a leading factor in enterprise cyberattacks
A new report shows two-thirds of ransomware attacks began with an identity-related breach.
-
Justin Sullivan via Getty Images
Deep DiveNew cybersecurity industry coalition aims to lead US critical infrastructure protection
The new Alliance for Critical Infrastructure’s biggest goal: changing how the nation plans for a major cybersecurity crisis.
-
Permission granted by Anthropic
Anthropic’s Claude used in attempted compromise of Mexican water utility
Researchers warn the incident highlights how AI tools can help untrained threat actors develop complex cyberattack capabilities.
-
MF3d via Getty Images
AI used to develop working zero-day exploit, researchers warn
A report by GTIG shows threat groups are increasingly leveraging AI to scale attacks. The exploitation attempt was disclosed and patched, preventing a mass incident.
-
Permission granted by Chris Insana
Second Canvas data breach causes major disruptions for schools, colleges
The Instructure-owned learning management system went offline on May 7 after a threat actor once again gained unauthorized access.
-
Matt Kapko/Cybersecurity Dive
Palo Alto Networks warns state-linked cluster behind zero-day exploitation
A patch for the flaw, which hackers began targeting in early April, won’t be ready for another week.
