Threats
-
US still prioritizing zero-trust migration to limit hacks’ damage
The zero-trust initiative, which gained steam during the Biden administration, is still underway.
By Eric Geller • Aug. 6, 2025 -
SonicWall investigating possible zero-day related to firewall attacks
Researchers recently warned about a surge in Akira ransomware attacks linked to a potential SonicWall vulnerability.
By David Jones • Aug. 5, 2025 -
Explore the Trendline➔
.shock via Getty ImagesTrendlineRisk Management
An esclation of cyber risks facing businesses and government has made cyber resilience a major priority.
By Cybersecurity Dive staff -
AI is helping hackers automate and customize cyberattacks
CrowdStrike’s annual cyber-threat-hunting report reveals the double threat that AI poses to many businesses.
By Eric Geller • Aug. 4, 2025 -
Palo Alto Networks investigating ransomware threat related to SharePoint exploitation
Researchers said an unidentified hacker demanded a ransom after an intrusion linked to the SharePoint flaw.
By David Jones • Aug. 1, 2025 -
Ransomware gangs capitalize on law enforcement takedowns of competitors
After authorities dismantled LockBit and RansomHub, other groups rushed in to snatch up their affiliates, according to a new report that highlights a cybercrime ecosystem in flux.
By Eric Geller • July 31, 2025 -
Industry groups urge vigilance as Scattered Spider evolves tactics
Information-sharing organizations warned their members that Scattered Spider continues to pose a major threat.
By David Jones • July 31, 2025 -
What we know about the cybercrime group Scattered Spider
The notorious hacker collective has attracted the attention of government authorities in several nations around the globe.
By David Jones • July 30, 2025 -
‘Shadow AI’ increases cost of data breaches, report finds
Companies are failing to protect their AI tools from compromise, often leading to more extensive data breaches, according to new data from IBM.
By Eric Geller • July 30, 2025 -
FBI, CISA warn about Scattered Spider’s evolving tactics
International authorities are pursuing the group following the arrests of four suspects in a series of attacks targeting British retailers.
By David Jones • July 29, 2025 -
Ransomware attacks against oil and gas firms surge
Manufacturing remains the No. 1 ransomware target, new data from Zscaler shows.
By Eric Geller • July 29, 2025 -
Research shows LLMs can conduct sophisticated attacks without humans
The project, launched by Carnegie Mellon in collaboration with Anthropic, simulated the 2017 Equifax data breach.
By David Jones • July 28, 2025 -
Sponsored by ThreatLocker
Emerging cybersecurity needs: What the market is telling us
Default-deny, strict controls, and real-time monitoring: how to stop threats before they start.
By Yuriy Tsibere, Product Manager and Business Analyst, ThreatLocker • July 28, 2025 -
Treasury sanctions North Koreans involved in IT-worker schemes
Authorities also charged several of the indicted people with attempting to evade U.S. sanctions on North Korea.
By Eric Geller • July 25, 2025 -
What we know about the Microsoft SharePoint attacks
State-linked hackers and ransomware groups are targeting SharePoint customers across the globe.
By David Jones • July 24, 2025 -
Trump AI plan calls for cybersecurity assessments, threat info-sharing
It remains unclear how federal agencies depleted by layoffs will be able to implement the strategy’s ambitious vision, which includes an ISAC dedicated to AI.
By Eric Geller • July 23, 2025 -
Lapsed CISA contract impedes national lab’s threat-hunting operations
The CyberSentry program remains operational, according to CISA, with analysts outside the lab continuing to review sensor data.
By Eric Geller • July 23, 2025 -
Microsoft sees China-backed nation-state hackers among adversaries targeting SharePoint
The company urged customers to apply security updates as security researchers warn of escalating attacks.
By David Jones • July 22, 2025 -
Ransomware attacks in education jump 23% year over year
Education was the fourth-most-targeted sector during the first half of 2025, according to a report from Comparitech.
By Briana Mendez-Padilla • July 22, 2025 -
Deep Dive
Dwindling federal cyber support for critical infrastructure raises alarms
A plan to transfer cybersecurity and resilience responsibilities to states could have major unintended consequences.
By Eric Geller • July 22, 2025 -
Top US senator calls out supply-chain risk with DoD contractors
The Senate Intelligence Committee chairman questioned the security of Microsoft’s “digital escort” arrangement with its Chinese employees.
By Eric Geller • Updated July 18, 2025 -
Pacheco, Isaac. Retrieved from U.S. Department of State / Flickr.
State Department cyber diplomacy firings and changes threaten US defenses
Departures and restructuring will make it harder for the agency to pursue global policies that strengthen U.S. critical infrastructure, experts said.
By Eric Geller • July 17, 2025 -
AI-powered attacks rise as CISOs prioritize AI security risks
Security executives are concerned about flaws in AI agents but also eager to see them replace humans in some roles, according to a new report.
By Eric Geller • July 17, 2025 -
Scattered Spider expands its roster of tactics in recent hacks
Microsoft researchers warn they are seeing changing patterns as the cybercrime group has started trying to hack airlines and other industries after targeting retailers and insurers.
By David Jones • July 16, 2025 -
Catastrophic cyber event could cause widespread disruptions to global infrastructure, study suggests
The study by Munich Re and CyberCube also warned that the internet of things and large language models present near-term risks.
By David Jones • July 15, 2025 -
Risk management, legacy tech pose major threats to healthcare firms, report finds
Companies have improved their recovery processes and user controls but still lag in risk preparedness, according to the report.
By Eric Geller • July 15, 2025