AI is helping hackers automate and customize cyberattacks

CrowdStrike’s annual cyber-threat-hunting report reveals the double threat that AI poses to many businesses.

By Eric Geller • Aug. 4, 2025

Ransomware gangs capitalize on law enforcement takedowns of competitors

After authorities dismantled LockBit and RansomHub, other groups rushed in to snatch up their affiliates, according to a new report that highlights a cybercrime ecosystem in flux.

By Eric Geller • July 31, 2025

‘Shadow AI’ increases cost of data breaches, report finds

Companies are failing to protect their AI tools from compromise, often leading to more extensive data breaches, according to new data from IBM.

By Eric Geller • July 30, 2025

FBI, CISA warn about Scattered Spider’s evolving tactics

International authorities are pursuing the group following the arrests of four suspects in a series of attacks targeting British retailers.

By David Jones • July 29, 2025

Ransomware attacks against oil and gas firms surge

Manufacturing remains the No. 1 ransomware target, new data from Zscaler shows.

By Eric Geller • July 29, 2025

Allianz Life discloses massive data breach linked to supply-chain attack

The intrusion comes amid a wave of recent social-engineering attacks targeting the insurance sector and other industries.

By David Jones • July 28, 2025

Philadelphia Indemnity Insurance discloses June data breach

The regulatory filing follows a wave of hacks against the industry that researchers have linked to Scattered Spider.

By David Jones • July 25, 2025

Clorox files $380 million suit blaming Cognizant for 2023 cyberattack

The attack, linked to Scattered Spider, disrupted production of household cleaners and other goods.

By David Jones • July 23, 2025

SharePoint hacking campaign affects hundreds of systems worldwide

CISA is responding to potential compromises at federal agencies and various state and local entities.

By David Jones • Updated July 23, 2025

Ransomware attacks in education jump 23% year over year

Education was the fourth-most-targeted sector during the first half of 2025, according to a report from Comparitech.

By Briana Mendez-Padilla • July 22, 2025

AI-powered attacks rise as CISOs prioritize AI security risks

Security executives are concerned about flaws in AI agents but also eager to see them replace humans in some roles, according to a new report.

By Eric Geller • July 17, 2025

UNFI expects cyberattack to cost it at least $350 million in sales

Operations at the grocery distributor, whose customers include Whole Foods, have largely returned to normal, the company said.

By Sam Silverstein • July 16, 2025

DragonForce hackers claim responsibility for Belk data breach

The North Carolina-based retailer is the latest known victim in a spree of attacks in the U.K. and U.S.

By David Jones • July 15, 2025

Iran-linked hackers target US transportation, manufacturing firms

U.S. authorities have been warning of potential state-linked or hacktivist threats since the country intervened in the Israel-Iran war.

By Eric Geller • July 9, 2025

SEC seeks SolarWinds settlement in reversal for agency under new leadership

The decision by the commission, now under Republican control, could reshape the landscape of corporate accountability for cyber incidents.

By Eric Geller • July 7, 2025

Ahold Delhaize USA says cyberattack exposed personal data of 2M people

The intruders who gained access to the grocer’s online systems in November had access to information including birthdays, Social Security numbers and bank account details.

By Sam Silverstein • July 1, 2025

US authorities unmask North Korean IT worker schemes and their American accomplices

Federal officials said businesses should carefully verify the identities of remote employees to avoid falling prey to similar scams.

By Eric Geller • June 30, 2025

Data breach at healthcare services firm Episource affects 5.4M

The incident, one of the largest breaches reported to federal regulators this year, came after a cybercriminal accessed data on the company’s computer systems over the winter.

By Emily Olsen • June 30, 2025

United Natural Foods says cyberattack will reduce quarterly earnings

The company, which supplies Whole Foods and other grocery stores nationwide, had to disable electronic ordering systems while responding to the attack earlier this month.

By Eric Geller • June 27, 2025

Judge approves AT&T’s $177M data breach settlement

The settlement, which has received preliminary clearance, now awaits a December hearing for final approval.

By Alexei Alexis • June 25, 2025

Steelmaker Nucor restores operations, confirms limited data breach

The steel products giant said it does not expect the cyberattack to have a material impact on its operations.

By David Jones • June 23, 2025

Aflac discloses cyber intrusion linked to wider crime spree targeting insurance industry

The breach marks the latest in a series of recent attacks linked to cybercrime group Scattered Spider.

By David Jones • Updated June 20, 2025

How the cyberattack against UNFI affected 4 independent grocers

The distributor said it is still relying on manual processes to fulfill orders as it works to bring its systems back online after an intrusion earlier this month.

By Sam Silverstein • June 18, 2025

CISA warns of supply chain risks as ransomware attacks exploit SimpleHelp flaws

The latest confirmed cyber intrusion hit a utility billing software provider and its customers.

By Eric Geller • June 13, 2025

UNFI’s operations remain hobbled following cyberattack

The grocery company had to entirely shut down its network following the intrusion and is serving customers on only a “limited basis” as it works to recover, CEO Sandy Douglas said.

By Sam Silverstein • June 11, 2025