Companies aren’t prepared for how AI is accelerating impersonation attacks

Businesses generally aren’t taking a proactive enough approach to blocking schemes that spoof their leaders’ identities, according to a new report.

By Eric Geller • June 8, 2026

Cisco warns zero-day flaw in SD-WAN is being exploited

The company cautioned that no current patches are available and the flaw could allow an attacker to conduct command injection attacks.

By David Jones • June 5, 2026

Explore the Trendline➔

Managing identity sprawl

Cyber threat actors know the simplest way to hack into an enterprise and remain under the radar is with stolen, legitimate user credentials -- and cloud services and AI are making managing and securing digital identities more challenging than ever.

By Cybersecurity Dive staff

Sprawling new House AI bill includes frontier model oversight, open-source security grants

The legislation has already drawn widespread criticism for its proposal to preempt state AI laws.

By Eric Geller • June 5, 2026

‘Don’t panic’: AI reality checks dominate major cybersecurity conference

CISOs and their colleagues should focus on network security basics, not overhyped AI promises, analysts said at a Gartner cybersecurity event.

By Eric Geller • June 3, 2026

CISA, FBI warn that hackers are targeting systems used to monitor industrial fluids

Automatic tank gauge systems are widely used across multiple industries, including energy, agriculture and transportation.

By David Jones • June 3, 2026

Trump signs EO seeking early government access to powerful AI models

The directive represents an about-face for an administration that previously repudiated government AI reviews.

By Eric Geller • Updated June 2, 2026

Turning tension into collaboration: How CIOs and CISOs can lead together

If properly managed and channeled, age-old friction between IT and cybersecurity can create a more resilient organization.

By Tom Scholtz, Distinguished VP Analyst, Gartner • June 2, 2026

CISA adds critical Palo Alto Networks firewall flaw to KEV as company, researchers warn of exploitation

The vulnerability in a vital defensive technology creates serious risks for federal networks, CISA said.

By Eric Geller • June 1, 2026

CISA urges security teams to check for software development compromises

The agency warned about a wave of attacks targeting credentials and other secrets across critical supply chains.

By David Jones • May 29, 2026

IBM’s new $5B initiative will help enterprises rapidly patch open-source vulnerabilities

The tech giant’s project could make it easier for businesses to safely use open-source packages.

By Eric Geller • May 28, 2026

Enterprise data is creeping its way into shadow AI tools

Executives and employees are clashing over usage policies as AI security concerns rise, an Okta report found.

By Paige Gross • May 28, 2026

Coordinated operation takes down Glassworm botnet

The botnet began in early 2025, targeting software developers across the open-source supply chain.

By David Jones • May 27, 2026

FBI warns about PhaaS platform used to access Microsoft 365 environments

Device code phishing enabled hackers to bypass multifactor authentication without credentials.

By David Jones • May 26, 2026

Iran-linked hackers target key US, allied sectors with sophisticated spear-phishing messages

Companies, particularly those in the affected industries, should harden their defenses against impersonation schemes, Palo Alto Networks said.

By Eric Geller • May 22, 2026

New York regulator calls for additional cyber mitigation amid heightened threat environment

The guidance from the state Department of Financial Services arises from concerns about frontier AI and threats linked to the Iran war and other geopolitical risks.

By David Jones • May 22, 2026

Grafana Labs links GitHub environment breach to TanStack npm supply chain attack

The company behind the widely used observability platform refused an extortion demand and has since taken steps to harden its security.

By David Jones • May 21, 2026

Microsoft disrupts cybercrime operation that hid behind legitimate software

The Fox Tempest malware-signing-as-a-service operation was linked to numerous ransomware attacks.

By David Jones • May 20, 2026

Compromised coding tool helped hackers breach thousands of GitHub repositories

The attack is the latest example of hackers’ intense focus on open-source packages.

By Eric Geller • May 20, 2026

Telecom sector launches its own private ISAC

Federal government involvement in an existing group chilled some cybersecurity discussions among major telecom providers. The new group is intended to alleviate those anxieties.

By Eric Geller • May 19, 2026

Grafana Labs says hacker gained access to codebase through leaked token

The company, which operates a widely used observability platform, is refusing to pay an extortion demand.

By David Jones • Updated May 19, 2026

Attackers exploit critical flaw in Cisco Catalyst SD-WAN Controller

Researchers discovered the authentication bypass vulnerability while investigating a prior issue in the same service.

By David Jones • May 15, 2026

MSPs need AI to fight AI-fueled cyberthreats: Guardz

Entry points haven’t changed, but the speed and scale of attacks have intensified, the security vendor found.

By Kelly Teal, Channel Dive contributor • May 15, 2026

Foxconn confirms cyberattack affecting some North American facilities

A ransomware group has claimed a major attack against the electronics manufacturer.

By David Jones • May 13, 2026

Canvas owner reaches ‘agreement’ with threat actors after data breach

Cybersecurity experts suggest that Instructure appears to have made a ransomware payment, which the FBI highly discourages.

By Anna Merod • May 13, 2026

AI and an absent government: Takeaways from RSAC 2026

Cybersecurity professionals discussed the balance between autonomy and oversight at the recent conference.

By Eric Geller • May 12, 2026