Allianz Life discloses massive data breach linked to supply-chain attack

The intrusion comes amid a wave of recent social-engineering attacks targeting the insurance sector and other industries.

Treasury sanctions North Koreans involved in IT-worker schemes

Authorities also charged several of the indicted people with attempting to evade U.S. sanctions on North Korea.

Philadelphia Indemnity Insurance discloses June data breach

The regulatory filing follows a wave of hacks against the industry that researchers have linked to Scattered Spider.

What we know about the Microsoft SharePoint attacks

State-linked hackers and ransomware groups are targeting SharePoint customers across the globe.

Senators push CISA director nominee on election security, agency focus

Sean Plankey said he would double down on CISA’s core mission and “allow the operators to operate.”

Trump AI plan calls for cybersecurity assessments, threat info-sharing

It remains unclear how federal agencies depleted by layoffs will be able to implement the strategy’s ambitious vision, which includes an ISAC dedicated to AI.

SharePoint hacking campaign affects hundreds of systems worldwide

CISA is responding to potential compromises at federal agencies and various state and local entities.

Updated July 23, 2025

Clorox files $380 million suit blaming Cognizant for 2023 cyberattack

The attack, linked to Scattered Spider, disrupted production of household cleaners and other goods.

Dwindling federal cyber support for critical infrastructure raises alarms

A plan to transfer cybersecurity and resilience responsibilities to states could have major unintended consequences.

Lapsed CISA contract impedes national lab’s threat-hunting operations

The CyberSentry program remains operational, according to CISA, with analysts outside the lab continuing to review sensor data.

Microsoft sees China-backed nation-state hackers among adversaries targeting SharePoint

The company urged customers to apply security updates as security researchers warn of escalating attacks.

Microsoft, CISA warn of cyberattacks targeting on-premises SharePoint servers

The flaw has already led to widespread compromises prior to Microsoft’s release of an emergency patch.

Updated July 21, 2025

How IT leaders infuse cyber hygiene into daily work

For technology chiefs, a “do as I say, not as I do” stance could lead to a security breach. Instead, cyber awareness can be taught by example.

Top US senator calls out supply-chain risk with DoD contractors

The Senate Intelligence Committee chairman questioned the security of Microsoft’s “digital escort” arrangement with its Chinese employees.

Updated July 18, 2025

State Department cyber diplomacy firings and changes threaten US defenses

Departures and restructuring will make it harder for the agency to pursue global policies that strengthen U.S. critical infrastructure, experts said.

Amazon’s director of security on locking down enterprise AI

"We've seen hype cycles before, but this one is a little different," Mark Ryland, director of security at Amazon, told CIO Dive.

Researchers warn of cyberattacks targeting key Fortinet software

Experts urged Fortinet customers to immediately apply patches or disable the affected administrative interface.

Updated July 18, 2025

AI-powered attacks rise as CISOs prioritize AI security risks

Security executives are concerned about flaws in AI agents but also eager to see them replace humans in some roles, according to a new report.

Threat actor targets end-of-life SonicWall SMA 100 appliances in ongoing campaign

The hacker has deployed a backdoor to modify the boot process and has exploited several different vulnerabilities during the attack spree.

Scattered Spider expands its roster of tactics in recent hacks

Microsoft researchers warn they are seeing changing patterns as the cybercrime group has started trying to hack airlines and other industries after targeting retailers and insurers.

UNFI expects cyberattack to cost it at least $350 million in sales

Operations at the grocery distributor, whose customers include Whole Foods, have largely returned to normal, the company said.

DragonForce hackers claim responsibility for Belk data breach

The North Carolina-based retailer is the latest known victim in a spree of attacks in the U.K. and U.S.

Catastrophic cyber event could cause widespread disruptions to global infrastructure, study suggests

The study by Munich Re and CyberCube also warned that the internet of things and large language models present near-term risks.  

Risk management, legacy tech pose major threats to healthcare firms, report finds

Companies have improved their recovery processes and user controls but still lag in risk preparedness, according to the report.

Major railroad-signaling vulnerability could lead to train disruptions

The high-severity flaw could let a hacker abruptly halt — and potentially derail — a train.

Updated July 14, 2025