The Latest
-
Vulnerability exploitation surges often precede disclosure, offering possible early warnings
Organizations can get ahead of major flaws with the right threat intelligence, according to a new report.
-
TP-Link routers face exploitation attempt linked to high-severity flaw
Researchers warn a potential botnet is targeting a vulnerability in end-of-life devices.
-
US joins nearly two dozen other countries in striking back against DDoS-for-hire platforms
Authorities around the world seized more than 50 websites associated with DDoS “booter” services.
-
NIST limits vulnerability analysis as CVE backlog swells
The agency will stop adding detailed information to vulnerabilities that don’t meet certain criteria.
-
CISA cancels prestigious summer internships, citing government shutdown
Experts worry that recent chaos in the scholarship program could undermine vital workforce-development efforts.
-
CIOs fret over rising security concerns amid AI adoption
AI is emerging as a critical tool and a growing threat as CIOs struggle to balance innovation with risk, according to a new report.
-
FCC exempts Netgear from foreign router ban
The commission did not explain its action beyond citing a Defense Department determination.
-
Medium-severity flaw in Microsoft SharePoint exploited
The flaw should be taken seriously, despite its relatively low score, according to researchers.
Updated April 16, 2026
-
FCC signals continued commitment to Cyber Trust Mark program
The government approved a new lead overseer for its IoT device security labeling initiative.
Updated April 14, 2026
-
Brute-force cyberattacks originating in Middle East surge in Q1
Hackers have primarily targeted SonicWall and Fortinet devices, according to researchers.
-
US, Indonesia shut down ‘sophisticated’ phishing kit
For a nominal fee, cybercriminals could rent access to a service that maliciously duplicated popular websites’ login portals.
-
CISOs see gaps in their incident response playbooks
A survey by Sygnia reveals that senior-level security leaders fear they are not prepared to respond to the next cyberattack.
-
Stryker warns of earnings fallout from March cyberattack
The medtech company was targeted in a wiper attack linked to an Iran-sponsored threat group.
-
Nearly 4K industrial control devices vulnerable to Iran-linked hacking campaign
A research firm tallied the internet-exposed devices Iran is targeting and recommended mitigations for any infrastructure operator using them.
-
CISA adds second critical flaw in Ivanti EPMM to exploited vulnerabilities catalog
The code injection flaw is similar to a prior vulnerability that was immediately flagged in January.
-
Iran-linked hackers target water, energy in US, FBI and CISA warn
Nation-state actors have exploited flaws in industrial programmable logic controllers, leading to disruption and financial losses.
-
NERC is ‘actively monitoring the grid’ following Iran-linked cyber threat
Hackers have disrupted critical U.S. infrastructure by targeting programmable logic controllers, the Cybersecurity and Infrastructure Security Agency warned.
-
US operation evicts Russia from hacked SOHO routers used to breach critical infrastructure
The newly disclosed cyberattack campaign is the latest evidence of the threat end-of-life routers pose to major organizations.
Updated April 9, 2026
-
Olympic Games, FIFA World Cup offer huge platforms, rich cyberattack surface
Global sporting events have become a lucrative target for criminal actors and geopolitical statements.
-
CISA’s vulnerability scans, field support on chopping block in Trump budget
The president is proposing to shrink the agency by nearly 900 positions.
-
React2Shell vulnerability helps hackers steal credentials, AI platform keys and other sensitive data
The stolen information could help intruders plan follow-up attacks and breach more organizations, Cisco researchers said.
-
Threat cluster launches extortion campaign using social engineering
Researchers said the hackers are compromising business process outsourcers and targeting help desk support.
-
Critical flaw in FortiClient EMS under exploitation
Fortinet released an emergency hotfix after security researchers discovered the vulnerability being exploited as a zero-day.
Updated April 6, 2026
-
Hims & Hers says limited data stolen in social engineering attack
The telehealth provider said hackers gained access to a third-party customer service platform, but medical records remained secure.
-
Trump’s FY2027 budget again targets CISA
The White House reiterated accusations about CISA’s counter-misinformation work to justify a major proposed reduction.