The Latest
-
Eric Geller/Cybersecurity Dive
CISA urges critical infrastructure firms to ‘fortify’ before it’s too late
As concerns mount about potential cyber sabotage by the Chinese government, the U.S. is warning operators to practice maintaining services in a degraded state.
Updated May 5, 2026 -
MF3d via Getty Images
Trellix investigating breach of source code repository
The cybersecurity company said there is no immediate evidence of code being exploited or released.
-
Getty Images
New MOVEit vulnerabilities prompt urgent patch warning
Progress Software warned customers to immediately upgrade the file-transfer tool to fix the serious flaws.
-
Getty Images
Critical vulnerability in cPanel leads to widespread exploitation
Researchers warn that threat activity continues to surge, including brute force attacks and ransomware.
-
Getty Images
White House questions tech industry on defensive AI use, cybersecurity resilience
Companies may be reluctant to answer some of the government’s questions, given the sensitive topics they address.
-
MF3d via Getty Images
US and allies urge ‘careful adoption’ of AI agents
New guidance from a coalition of Western governments underscores the difficult-to-predict risks of still-evolving agentic tools.
-
Getty Images
As email phishing evolves, malicious attachments decline and QR codes surge
A new Microsoft report also describes the collapse of a once-dominant tool for generating phishing websites with fake CAPTCHAs.
-
Getty Images
US agencies promote zero-trust practices for operational technology networks
Many zero-trust defenses work differently in industrial environments than in traditional business networks, five federal agencies said in newly published guidance.
-
BlackJack3D via Getty Images
State CISOs losing confidence in ability to manage cyber risks
Deloitte-NASCIO study shows AI, budget pressures are forcing states to make tough decisions.
-
Spencer Platt/Staff via Getty Images
PwC partners with Google Cloud to take on the managed security market
The professional services firm is stepping up its managed security ambitions with a Google Cloud-powered service that leans on agentic AI. The target market is companies that have outgrown DIY security.
-
Getty Images
CISA adds Microsoft, ConnectWise vulnerabilities to active exploitation catalog
Russia has used one of the flaws, security experts said, while North Korea has used the other.
-
Getty Images
‘Fundamental tension’ undermines manufacturers’ cybersecurity
A simple security mistake caused roughly one-quarter of all financial losses in the sector in 2025, cybersecurity insurer Resilience said.
-
Getty Images
North Korea-linked actor targets Web3 execs in social-engineering campaign
Founders and other top executives were compromised to gain access to crypto wallets.
-
pkline via Getty Images
Major critical infrastructure supplier reports cyberattack
Itron, which makes devices that measure energy and water use, said its operations were continuing, despite the intrusion.
-
Courtesy of Billington
US, UK authorities warn that Firestarter backdoor malware survives patching
A federal agency was impacted by a hacking campaign that exploited flaws in Cisco devices.
-
Hasbro expects March cyberattack to impact second-quarter revenue
The toymaker is reviewing files and working to fully bring certain systems back online. The company will incur some costs related to the investigation.
-
Win McNamee via Getty Images
Deep DiveIran-nexus threat groups refine attacks against critical infrastructure
State-sponsored and hacktivist groups have shown greater determination to damage or disable energy, water and other key sectors.
-
Kevin Frayer via Getty Images
China disguises cyberattacks with ‘covert network’ botnets, US and allies warn
A new security advisory highlights Beijing’s stealthy techniques.
Updated April 23, 2026 -
Getty Images
AI-written software creates hassles for wary security teams
A new report explains what cybersecurity practitioners need to see before they trust AI coding tools.
-
Retrieved from Senate Homeland Security Committee.
Trump’s CISA director pick withdraws after tumultuous nomination
CISA has been without a permanent director for more than a year, imperiling its efforts to establish a strategic direction.
Updated April 23, 2026 -
Getty Images
Phishing — sometimes with AI’s help — topped initial-access methods in Q1, Cisco says
Hackers can now spin up fake login pages without writing a single line of code.
-
Getty Images
Microsoft SharePoint vulnerability widely exposed across multiple countries
The disclosure comes just weeks after a prior SharePoint flaw was discovered.
-
David Ramos via Getty Images
CISA confirms exploitation of 3 more Cisco networking device vulnerabilities
Cisco revealed six critical flaws in widely used products in February. The government has now seen evidence that hackers are abusing four of them.
-
Getty Images
CISA urges security teams to view environments following axios compromise
A suspected North Korea-linked actor is behind a supply chain attack on the widely used library.
-
Getty Images
Vercel systems targeted after third-party tool compromised
An employee using a consumer app was breached after granting too many permissions.
