M&S chairman calls for mandatory disclosure of material cyberattacks

The chairman testified before British lawmakers following a major social-engineering attack on the department-store chain.

By David Jones • July 9, 2025

Suspected contractor for China’s Hafnium group arrested in Italy

U.S. authorities charged the man and a co-conspirator with hacking COVID-19 researchers and kicking off a cyberattack spree targeting Microsoft Exchange servers. 

By David Jones • July 8, 2025

Security coalition urges Congress to renew 2015 CISA law

A group of top cybersecurity and technology firms said the law provided critical protections for sharing essential vulnerability information.

By Eric Geller • July 8, 2025

SEC seeks SolarWinds settlement in reversal for agency under new leadership

The decision by the commission, now under Republican control, could reshape the landscape of corporate accountability for cyber incidents.

By Eric Geller • July 7, 2025

FBI cyber guidance to lawmakers falls short, US senator says

Sen. Ron Wyden wants FBI briefings to cover four often-overlooked cybersecurity practices.

By Eric Geller • July 2, 2025

‘Suspended animation’: US government upheaval has frayed partnerships with critical infrastructure

Recent federal cuts, reorganizations and other disruptions have alarmed industry leaders, who say the government is a less reliable partner even as cyber threats increase.

By Eric Geller • June 25, 2025

Federal officials, critical infrastructure leaders remain on guard for Iran-linked hacks

Amid an uneasy truce, security teams in the U.S. said they have not seen any credible or specific threats.

By David Jones • June 24, 2025

Cyber insurance premiums drop for first time, report finds

Despite a decline in both premiums and prices, the market continues to be profitable.

By Eric Geller • June 24, 2025

DHS warns of heightened cyber threat as US enters Iran conflict

Federal officials are warning that pro-Iran hacktivists or state-linked actors may target poorly secured U.S. networks.

By David Jones • June 23, 2025

FTC reminds car dealers to protect customer data

The commission described how recently updated federal regulations affect dealerships — and their vendors.

By Eric Geller • Updated June 17, 2025

SEC scraps proposed cybersecurity rules for investment advisers, market participants

The commission offered no rationale for removing rules that would have imposed security requirements on financial services providers.

By Eric Geller • Updated June 16, 2025

Software vulnerabilities pile up at government agencies, research finds

A Veracode report reveals that government networks have accumulated years of unresolved security flaws, putting them at serious risk of exploitation.

By David Jones • June 12, 2025

Trump scraps Biden software security, AI, post-quantum encryption efforts in new executive order

The White House accused the Biden administration of trying to “sneak problematic and distracting issues into cybersecurity policy.” 

By Eric Geller • June 6, 2025

Trump’s national cyber director nominee dodges criticism of funding cuts

Sean Cairncross said his managerial experience has prepared him well to lead a relatively new White House cyber unit.

By Eric Geller • June 5, 2025

Water utilities mitigate equipment flaws after researchers find widespread exposures

Censys researchers said hundreds of water treatment facilities have taken steps to protect against malicious cyber intrusions.

By David Jones • June 5, 2025

FBI, CISA warn Play ransomware targeting critical infrastructure with evolving techniques

The hacker group has breached hundreds of organizations and is working with others to exploit flaws in a popular remote support tool.

By David Jones • June 5, 2025

Banking groups urge SEC to rescind Biden-era cybersecurity rule

The rule has exposed companies to liability risks while failing to provide investors with “decision-useful” information, the coalition said in a recent letter.

By Alexei Alexis • June 5, 2025

Bipartisan bill proposes $50M cyber threat analysis program for energy sector

“Our national security depends on a resilient and secure energy grid,” said Sen. John Hickenlooper, D-Colo. Experts say the new effort would be welcomed by the private sector.

By Robert Walton • June 5, 2025

CISA workforce cut by nearly one-third so far

The agency has lost roughly 1,000 staffers in the wake of the Trump administration’s workforce cuts, losses that could imperil its ability to protect government computer systems and critical infrastructure.

By Eric Geller • June 4, 2025

Trump’s cyber nominees gain broad industry support

CISA director and national cyber director nominees could transform how the federal government engages with the private sector on cybersecurity issues.

By Eric Geller • Updated June 3, 2025

Trump’s CISA budget lays out deep job cuts, program reductions

Critical infrastructure organizations and small businesses would get less support under the president’s fiscal 2026 funding plan.

By Eric Geller • Updated June 2, 2025

Senate Democrats urge DHS to reconstitute CSRB

The lawmakers said the Cyber Safety Review Board’s work has made government agencies and private businesses more secure.

By Eric Geller • May 30, 2025

CISA loses nearly all top officials as purge continues

Most of the leaders of the agency’s operating divisions and regional offices have left or will leave this month amid the Trump administration’s aggressive government-downsizing campaign.

By Eric Geller • May 27, 2025

High-profile CISA departure adds to agency’s struggles

The Trump administration’s workforce purge is sapping CISA of its best talent, experts say. CISA deputy Matt Hartman is the latest to leave the agency.

By Eric Geller • May 20, 2025

Major tech vendors call for streamlining US foreign cyber aid

A new coalition will push policymakers to change how the government oversees foreign purchases of U.S. cyber resources.

By Eric Geller • Updated May 21, 2025