Nearly half of exploited zero-day flaws target enterprise-grade technology

A report by Google Threat Intelligence Group warns that AI will be used to speed and scale attacks in 2026.

By David Jones • March 6, 2026

Iran-nexus hackers target flaws in surveillance cameras

The threat activity echoes prior exploitation during the Israeli war with Hamas, a precursor to attacks against critical sectors in the U.S.

By David Jones • Updated March 6, 2026

Ransomware is now less about malware and more about impersonation

Stolen passwords have replaced infectious code as the most common tactic in major breaches, Cloudflare said.

By Eric Geller • March 3, 2026

How Microsoft, partners are tackling ‘huge, huge task’ of making security software safer

The technology giant and third-party security vendors are plotting an ambitious overhaul of how their products interoperate.

By Eric Geller • March 2, 2026

Building a risk-based data sanitization strategy: When to use Cryptographic erasure vs. physical destruction

Build your strategy on risk assessment, not on assumptions that one size fits all.

By Paul Falcone • March 2, 2026

‘Resurge’ malware can remain undetected on devices

CISA previously issued an alert about attacks that exploited a vulnerability in Ivanti Connect Secure.

By David Jones • Updated Feb. 27, 2026

CISA orders agencies to patch Cisco devices now under attack

The vulnerabilities, scored as critical, affect the company’s software-defined wide-area networking (SD-WAN) systems.

By Eric Geller • Feb. 25, 2026

Software vulnerabilities are being weaponized faster than ever

A report by VulnCheck shows threat groups are exploiting a small percentage of critical flaws well before security teams can mitigate.

By David Jones • Feb. 25, 2026

Hackers target vulnerabilities in Roundcube Webmail

CISA has added the flaws, one of which is considered critical, to its Known Exploited Vulnerabilities catalog.

By David Jones • Feb. 23, 2026

BeyondTrust Remote Support exploitation ramps up with backdoors, remote tools

Researchers warn that thousands of instances may still be vulnerable to exploitation activity.

By David Jones • Updated Feb. 20, 2026

Threat groups use AI to speed up and scale cyberattacks

A report from Palo Alto Networks finds hackers are increasingly using stolen identities and exploiting critical vulnerabilities within minutes of disclosure.

By David Jones • Feb. 18, 2026

Hackers exploit zero-day flaw in Dell RecoverPoint for Virtual Machines

Threat actors linked to China have deployed a novel backdoor, according to researchers.

By David Jones • Updated Feb. 18, 2026

Critical flaw in BeyondTrust Remote Support sees early signs of exploitation

The vulnerability is a variant of a CVE linked to the 2024 hack of the U.S. Treasury Department, according to researchers.

By David Jones • Updated Feb. 16, 2026

SmarterMail facing widespread attacks targeting critical flaws

The business email and collaboration software is being exploited for potential ransomware.

By David Jones • Feb. 12, 2026

The Future of DAST in an AI-First World: Why Runtime Security Testing Remains Critical

Runtime validation is where the gap is widening—and where this shift creates the biggest leap forward.

By Joni Klippert, CEO of StackHawk • Feb. 12, 2026

Majority of Ivanti EPMM threat activity linked to hidden IP

A report by GreyNoise warns the IP address is operating behind bulletproof hosting infrastructure and might not show up in current IoCs. 

By David Jones • Updated Feb. 11, 2026

Extortion attacks on the rise as hackers prioritize supply-chain weaknesses

Consulting firms and manufacturing companies accounted for many of the ransomware victims posted to the dark web in 2025, Intel 471 said.

By Eric Geller • Feb. 11, 2026

Ivanti EPMM exploitation widespread as governments, others targeted

Researchers warn the activity shows evidence of initial access brokers preparing for future attacks.

By David Jones • Feb. 10, 2026

Threat actors target SolarWinds Web Help Desk flaw

Researchers say hackers are using remote monitoring and other tools in compromised environments.

By David Jones • Feb. 9, 2026

Critical flaw in SolarWinds Web Help Desk under exploitation

The vulnerability could allow an attacker to achieve remote code execution. 

By David Jones • Updated Feb. 5, 2026

Autonomous attacks ushered cybercrime into AI era in 2025

Malwarebytes urged companies to adopt continuous monitoring and lock down identity systems as AI models get better at orchestrating intrusions.

By Eric Geller • Feb. 4, 2026

React2Shell exploitation undergoes significant change in threat activity

Researchers see a sudden consolidation of source IPs since late January.

By David Jones • Updated Feb. 4, 2026

Critical flaws in Ivanti EPMM lead to fast-moving exploitation attempts

Security researchers warn that the initial threat activity was highly targeted, as a limited number of users were impacted prior to disclosure.

By David Jones • Feb. 3, 2026

Cybersecurity 2026: AI, CISA, manufacturing sector all in the hot seat

A look at the most important trends and issues in cyber this year.

By Cybersecurity Dive Staff • Jan. 30, 2026

Cisco sees vulnerability exploitation top phishing in Q4

The company’s recommendations included monitoring for abuses of multifactor authentication, a growing threat to the enterprise.

By Eric Geller • Jan. 30, 2026