The Latest
-
Chip Somodevilla via Getty Images
FBI seeks public tips about Salt Typhoon
The bureau’s public alert follows months of conversations with the telecom industry about the far-reaching cyber espionage campaign by a Chinese nation-state threat actor.
-
Victor Golmer via Getty Images
Critical vulnerability in SAP NetWeaver under threat of active exploitation
Attackers have been observed dropping webshell backdoors and researchers warn the application is popular among government agencies.
Updated April 25, 2025 -
Alex Wong via Getty Images
CISA gets a deputy director as it braces for major layoffs
Madhu Gottumukkala, a state CIO, lacks the homeland security experience of his two predecessors.
-
gorodenkoff/iStock via Getty Images
Threat groups exploit resurgent vulnerabilities
VPNs, routers and firewalls are being targeted via older CVEs, new GreyNoise research shows.
-
Antonio Masiello via Getty Images
CISOs band together to urge world governments to harmonize cyber rules
Policymakers have moved slowly to reduce regulatory overlap, but the new industry plea could help change that.
-
Drew Angerer via Getty Images
State Department reorganization could imperil cyber diplomacy
Congress told the U.S. State Department how to approach global cyber challenges, but the administration’s plan would upend that strategy.
-
Chip Somodevilla via Getty Images
BEC scams, investment fraud accounted for biggest cybercrime losses in 2024
Americans lost $16.6 billion to cyber fraud last year, according to an FBI report, with phishing, spoofing and extortion topping the list of complaints.
-
LuisPortugal/Getty Images Plus via Getty Images
Financial gain still drives majority of cyber threat activity
Stolen credentials are becoming a more prevalent form of initial access, a report from Mandiant shows.
-
Weedezign via Getty Images
AI impact on data breach outcomes remains ‘limited’: Verizon
While AI-generated text in malicious emails has doubled, the rate of successful phishing breaches is stable.
-
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
CISA’s Secure by Design initiative in limbo after key leaders resign
Companies have been urging CISA to scale back its software security pressure campaign. Two new resignations from the agency could accelerate that shift.
-
Andy Manis via Getty Images
Conduent warns January breach impacted a ‘significant’ number of people
The company incurred a material amount of nonrecurring expenses during Q1 related to potential notification requirements.
-
assalve via Getty Images
Banks gear up to boost cybersecurity, cloud and data spending
In the race to scale generative AI capabilities, executives plan to increase foundational technology investments, according to Broadridge.
-
David Ryder / Stringer via Getty Images
Microsoft strengthens in-house cyber governance, training
The technology giant, as part of its Secure Future Initiative program, has overhauled security practices following a series of crippling nation-state-linked cyberattacks.
-
NicoElNino via Getty Images
Researchers warn of critical flaw found in Erlang OTP SSH
The CVE could allow unauthenticated attackers to gain full access to a device. Many of these devices are widely used in IoT and telecom platforms.
-
da-kuk via Getty Images
OpinionGartner: How to build a secure enterprise cloud environment
There are plenty of frameworks, tools and strategies to help map out a risk-resilient cloud infrastructure.
-
Sam Silverstein/Cybersecurity Dive
Ahold Delhaize confirms data stolen after threat group claims credit for November attack
A highly active threat group says it will release stolen information, months after an attack disrupted e-commerce operations at the grocer’s U.S. business.
-
JuSun via Getty Images
Lemonade says applicant driver’s license numbers exposed
The company is notifying about 190,000 people after certain information used for car insurance quotes was left unencrypted.
-
JHVEPhoto via Getty Images
CISA warns companies to secure credentials amid Oracle Cloud breach claims
The agency is asking organizations to come forward if they detect suspicious activity or other evidence of a compromise.
-
Getty Images via Getty Images
Older SonicWall SMA100 vulnerability exploited in the wild
CISA added the high-severity flaw, initially disclosed in 2021, to its known exploited vulnerabilities catalog this week.
-
Getty Images via Getty Images
Bill extends cyber threat info-sharing between public, private sector
The Cybersecurity Information Sharing Act of 2015, set to expire in September, “moved the needle.”
-
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
CISA launches new wave of job cuts
Critics warn that drastic downsizing of the DHS unit will threaten the nation’s ability to counter cyber adversaries.
-
iStock via Getty Images
Mitre CVE program regains funding as renewal deal reached
The information security industry feared a lapse would lead to industrywide exposures of software vulnerabilities.
-
Courtesy of Hertz/GM
Hertz says personal data breached in connection with Cleo file-transfer flaws
The company is the latest organization to investigate or disclose an incident linked to a monthslong attack spree.
-
saengsuriya13 via Getty Images
DaVita hit by ransomware attack
The kidney dialysis firm doesn’t have an estimate for how long disruption from the attack will last, though it stressed patients are still receiving care.
-
JUN LI via Getty Images
Attackers exploit zero-day flaw in Gladinet CentreStack file-sharing platform
Critical vulnerability affects both CentreStack and Gladinet’s on-premises file-sharing server, Triofox.
