The Latest

  • The FBI seal
    Image attribution tooltip
    Chip Somodevilla via Getty Images
    Image attribution tooltip

    FBI seeks public tips about Salt Typhoon

    The bureau’s public alert follows months of conversations with the telecom industry about the far-reaching cyber espionage campaign by a Chinese nation-state threat actor.

  • An SAP logo is seen on a building in Frankfurt, Germany, on September 1, 2024.
    Image attribution tooltip
    Victor Golmer via Getty Images
    Image attribution tooltip

    Critical vulnerability in SAP NetWeaver under threat of active exploitation

    Attackers have been observed dropping webshell backdoors and researchers warn the application is popular among government agencies.

    Updated April 25, 2025
  • DHS logo
    Image attribution tooltip
    Alex Wong via Getty Images
    Image attribution tooltip

    CISA gets a deputy director as it braces for major layoffs

    Madhu Gottumukkala, a state CIO, lacks the homeland security experience of his two predecessors.

  • Green lights show behind plugged-in cables.
    Image attribution tooltip
    gorodenkoff/iStock via Getty Images
    Image attribution tooltip

    Threat groups exploit resurgent vulnerabilities

    VPNs, routers and firewalls are being targeted via older CVEs, new GreyNoise research shows.

  • Leaders of the G7 nations gathered at the Leaders Summit in Italy in June 2024.  A group of top CISOs sent a letter to the G7 in April 2025 asking for harmonization of global cyber regulations.
    Image attribution tooltip
    Antonio Masiello via Getty Images
    Image attribution tooltip

    CISOs band together to urge world governments to harmonize cyber rules

    Policymakers have moved slowly to reduce regulatory overlap, but the new industry plea could help change that.

  • Sen. Marco Rubio sits at a senate conference.
    Image attribution tooltip
    Drew Angerer via Getty Images
    Image attribution tooltip

    State Department reorganization could imperil cyber diplomacy

    Congress told the U.S. State Department how to approach global cyber challenges, but the administration’s plan would upend that strategy.

  • The FBI seal
    Image attribution tooltip
    Chip Somodevilla via Getty Images
    Image attribution tooltip

    BEC scams, investment fraud accounted for biggest cybercrime losses in 2024

    Americans lost $16.6 billion to cyber fraud last year, according to an FBI report, with phishing, spoofing and extortion topping the list of complaints.

  • Hand grabbing password out of blurred code.
    Image attribution tooltip
    LuisPortugal/Getty Images Plus via Getty Images
    Image attribution tooltip

    Financial gain still drives majority of cyber threat activity

    Stolen credentials are becoming a more prevalent form of initial access, a report from Mandiant shows.

  • Executives working through an AI training course.
    Image attribution tooltip
    Weedezign via Getty Images
    Image attribution tooltip

    AI impact on data breach outcomes remains ‘limited’: Verizon

    While AI-generated text in malicious emails has doubled, the rate of successful phishing breaches is stable.

  • CISA, cybersecurity, agency
    Image attribution tooltip
    Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
    Image attribution tooltip

    CISA’s Secure by Design initiative in limbo after key leaders resign

    Companies have been urging CISA to scale back its software security pressure campaign. Two new resignations from the agency could accelerate that shift.

  • A 2018 photo of the Wisconsin state capitol building. The state was among a number of states impacted by a 2025 data breach at Conduent, a payments technology vendor.
    Image attribution tooltip
    Andy Manis via Getty Images
    Image attribution tooltip

    Conduent warns January breach impacted a ‘significant’ number of people

    The company incurred a material amount of nonrecurring expenses during Q1 related to potential notification requirements.

  • A sign reading "bank" hangs on a building.
    Image attribution tooltip
    assalve via Getty Images
    Image attribution tooltip

    Banks gear up to boost cybersecurity, cloud and data spending

    In the race to scale generative AI capabilities, executives plan to increase foundational technology investments, according to Broadridge.

  • A sign is seen at the Microsoft headquarters on July 3, 2024 in Redmond, Washington.
    Image attribution tooltip
    David Ryder / Stringer via Getty Images
    Image attribution tooltip

    Microsoft strengthens in-house cyber governance, training

    The technology giant, as part of its Secure Future Initiative program, has overhauled security practices following a series of crippling nation-state-linked cyberattacks.

  • Telecom network above a city
    Image attribution tooltip
    NicoElNino via Getty Images
    Image attribution tooltip

    Researchers warn of critical flaw found in Erlang OTP SSH

    The CVE could allow unauthenticated attackers to gain full access to a device. Many of these devices are widely used in IoT and telecom platforms.

  • Cloud Network Solution digital background. Cyber Security and Cloud Technology Concept
    Image attribution tooltip
    da-kuk via Getty Images
    Image attribution tooltip
    Opinion

    Gartner: How to build a secure enterprise cloud environment

    There are plenty of frameworks, tools and strategies to help map out a risk-resilient cloud infrastructure.

  • Exterior of Stop & Shop supermarket
    Image attribution tooltip
    Sam Silverstein/Cybersecurity Dive
    Image attribution tooltip

    Ahold Delhaize confirms data stolen after threat group claims credit for November attack

    A highly active threat group says it will release stolen information, months after an attack disrupted e-commerce operations at the grocer’s U.S. business.

  • A single opened padlock glows red among rows of closed blue padlocks.
    Image attribution tooltip
    JuSun via Getty Images
    Image attribution tooltip

    Lemonade says applicant driver’s license numbers exposed

    The company is notifying about 190,000 people after certain information used for car insurance quotes was left unencrypted.

  • Oracle office in Lehi City, Utah, USA, June 25, 2023.
    Image attribution tooltip
    JHVEPhoto via Getty Images
    Image attribution tooltip

    CISA warns companies to secure credentials amid Oracle Cloud breach claims

    The agency is asking organizations to come forward if they detect suspicious activity or other evidence of a compromise.

  • Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol. 3d rendering.
    Image attribution tooltip
    Getty Images via Getty Images
    Image attribution tooltip

    Older SonicWall SMA100 vulnerability exploited in the wild

    CISA added the high-severity flaw, initially disclosed in 2021, to its known exploited vulnerabilities catalog this week.

  • Capitol building, DC
    Image attribution tooltip
    Getty Images via Getty Images
    Image attribution tooltip

    Bill extends cyber threat info-sharing between public, private sector

    The Cybersecurity Information Sharing Act of 2015, set to expire in September, “moved the needle.”

  • CISA, cybersecurity, agency
    Image attribution tooltip
    Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
    Image attribution tooltip

    CISA launches new wave of job cuts

    Critics warn that drastic downsizing of the DHS unit will threaten the nation’s ability to counter cyber adversaries.

  • Smiling businesswoman in headphones taking notes, working with laptop and talking smartphone, blue glowing information protection icons. Padlock, cloud and digital interface. Cyber security concept - stock photo
    Image attribution tooltip
    iStock via Getty Images
    Image attribution tooltip

    Mitre CVE program regains funding as renewal deal reached

    The information security industry feared a lapse would lead to industrywide exposures of software vulnerabilities.

  • A gray four-door crossover vehicle with a woman seated with her hand on the steering wheel is parked in front of a Hertz building.
    Image attribution tooltip
    Courtesy of Hertz/GM
    Image attribution tooltip

    Hertz says personal data breached in connection with Cleo file-transfer flaws

    The company is the latest organization to investigate or disclose an incident linked to a monthslong attack spree.

  • Close up of a machine with several tubes, some of which are red.
    Image attribution tooltip
    saengsuriya13 via Getty Images
    Image attribution tooltip

    DaVita hit by ransomware attack

    The kidney dialysis firm doesn’t have an estimate for how long disruption from the attack will last, though it stressed patients are still receiving care.

  • words zero day highlighted in code
    Image attribution tooltip
    JUN LI via Getty Images
    Image attribution tooltip

    Attackers exploit zero-day flaw in Gladinet CentreStack file-sharing platform

    Critical vulnerability affects both CentreStack and Gladinet’s on-premises file-sharing server, Triofox.