The Latest
-
Getty Images via Getty Images
CISOs grow more concerned about risk of material cyberattack
A report by Proofpoint shows growing anxiety among security leaders about their companies’ cyber readiness.
-
Motortion via Getty Images
Credential harvesting campaign targets ScreenConnect cloud administrators
Researchers warn that attackers are using compromised Amazon email accounts in spear-phishing attacks that may lead to ransomware infections.
-
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
CISA updates SBOM recommendations
The document is primarily meant for federal agencies, but CISA hopes businesses will also use it to push vendors for software bills of materials.
-
Alamy
China-nexus hacker Silk Typhoon targeting cloud environments
The state-linked espionage group has exploited zero-day flaws in Commvault and Citrix Netscaler, researchers say.
-
Faruk Ibrahim Alpagut via Getty Images
US charges Oregon man in vast botnet-for-hire operation
Federal prosecutors called Rapper Bot one of the most powerful DDoS botnets in history.
-
utah778 via Getty Images
Cyber, AI drive software spending to double-digit growth through 2029
Cloud security and identity and access management tool purchases insulated the market from tariff-induced economic shocks, according to Forrester.
-
David Ramos via Getty Images
FBI, Cisco warn of Russia-linked hackers targeting critical infrastructure organizations
The intrusions have exploited a vulnerability in Cisco’s networking equipment software.
-
Justin Sullivan via Getty Images
Hackers target Workday in social engineering attack
Researchers cite increasing evidence of collaboration between Scattered Spider and the cybercrime group ShinyHunters in the campaign.
-
Just_Super/Getty Images via Getty Images
Pharmaceutical firm Inotiv investigating ransomware attack that disrupted operations
The company says it doesn’t yet know if the incident will have a material impact.
-
Alamy
Palo Alto Networks shares surge after company releases strong annual forecast
The cybersecurity firm said its “platformization” strategy is beginning to pay dividends as more large customers consolidate their spending on its offerings.
-
da-kuk via Getty Images
Businesses focus on AI, cloud, despite cyber defense oversights
Recent surveys found enterprises are enthusiastically adopting AI, even as they neglect basic cybersecurity measures.
-
BlackJack3D via Getty Images
NIST seeks input on control overlays for securing AI systems
The federal agency plans to develop guidance to organizations about various AI use cases.
-
funky-data via Getty Images
Developers knowingly push vulnerable code, despite growing breach risk
Only three in 10 respondents said their application security programs were highly mature.
-
Danai Jetawattana via Getty Images
Cybersecurity ranks among top three risks to manufacturing sector
Most companies are planning major AI investments to address growing threats to OT systems.
-
Justin Sullivan via Getty Images
Water sector expands partnership with volunteer hackers
As threats to critical infrastructure grow and government funding stagnates, operators are turning to civic-minded volunteers from the cybersecurity industry.
-
Eric Geller/Cybersecurity Dive
Trump administration cyber cuts eroding private sector’s trust, confidence
A report by Swimlane shows companies are reducing cybersecurity spending and security teams are experiencing increasing pressure.
Updated Aug. 14, 2025 -
Samuel Corum via Getty Images
White House urged to revamp cyber regulations
A leading trade group said the Trump administration should rein in a major pending cybersecurity rule as well as embrace AI-based cyber defenses.
-
baranozdemir via Getty Images
US agencies, international allies issue guidance on OT asset inventorying
The guidance includes specific examples for three critical infrastructure sectors that held workshops with CISA.
-
Courtesy of Xerox
Xerox patches critical vulnerability in FreeFlow Core application
Researchers at Horizon3.ai discovered the flaw after flagging unusual behavior in a customer environment.
Updated Aug. 13, 2025 -
HJBC via Getty Images
CISA, Microsoft update guidance on Exchange Server vulnerability
Officials reiterated their belief that hackers were not exploiting the flaw, but nonetheless urged users to immediately check their systems.
-
Courtesy of Nucor
Financial impact from severe OT events could top $300B
A report from industrial cybersecurity firm Dragos highlights growing risks of business interruption and supply-chain disruptions.
-
Justin Sullivan/Getty Images via Getty Images
Citrix NetScaler flaws lead to critical infrastructure breaches
Dutch authorities said hackers penetrated several critical infrastructure providers, in a warning sign for vulnerable organizations elsewhere.
Updated Aug. 12, 2025 -
Douglas Rissing via Getty Images
DOJ, international partners take down BlackSuit group’s infrastructure
BlackSuit has been among the most prolific ransomware gangs in recent years, targeting government agencies, critical manufacturing companies and healthcare firms.
-
Alexander Sikov via Getty Images
Research shows AI agents are highly vulnerable to hijacking attacks
Experts from Zenity Labs demonstrated how attackers could exploit widely deployed AI technologies for data theft and manipulation.
-
Eric Geller/Cybersecurity Dive
Cyber experts ponder a non-government future for the CVE program
Organizations supporting the security vulnerability program said it needed changes to improve stability and rebuild trust.
