The Latest
-
CISA adds critical Palo Alto Networks firewall flaw to KEV as company, researchers warn of exploitation
The vulnerability in a vital defensive technology creates serious risks for federal networks, CISA said.
-
Without strong governance, companies put credit ratings at risk in AI era
A new report from S&P Global provides a blueprint for how companies can adapt to the changing threat environment.
-
CISA urges security teams to check for software development compromises
The agency warned about a wave of attacks targeting credentials and other secrets across critical supply chains.
-
IBM’s new $5B initiative will help enterprises rapidly patch open-source vulnerabilities
The tech giant’s project could make it easier for businesses to safely use open-source packages.
-
Opinion
How CISOs can manage sovereign-cloud security risks
Selecting and adopting cloud services from non-U.S. regional providers requires solid cyber risk and security assessment.
-
Coordinated operation takes down Glassworm botnet
The botnet began in early 2025, targeting software developers across the open-source supply chain.
-
Enterprise data is creeping its way into shadow AI tools
Executives and employees are clashing over usage policies as AI security concerns rise, an Okta report found.
-
Leading AI models are more vulnerable to malicious prompts than vendors claim
Hackers could subvert frontier models with attacks that their developers overlook, Cisco said.
-
FBI warns about PhaaS platform used to access Microsoft 365 environments
Device code phishing enabled hackers to bypass multifactor authentication without credentials.
-
Iranian government, not hacktivist group, breached LA Metro system, security firm says
A report by Israel-based Gambit Security dismisses the hackers’ claims of being patriotic but unaffiliated activists.
-
Iran-linked hackers target key US, allied sectors with sophisticated spear-phishing messages
Companies, particularly those in the affected industries, should harden their defenses against impersonation schemes, Palo Alto Networks said.
-
New York regulator calls for additional cyber mitigation amid heightened threat environment
The guidance from the state Department of Financial Services arises from concerns about frontier AI and threats linked to the Iran war and other geopolitical risks.
-
Grafana Labs links GitHub environment breach to TanStack npm supply chain attack
The company behind the widely used observability platform refused an extortion demand and has since taken steps to harden its security.
-
CISA asks cybersecurity community to alert it to vulnerability exploitation
The agency wants to ensure that its public catalog of actively exploited flaws is as comprehensive as possible.
-
Compromised coding tool helped hackers breach thousands of GitHub repositories
The attack is the latest example of hackers’ intense focus on open-source packages.
-
Microsoft disrupts cybercrime operation that hid behind legitimate software
The Fox Tempest malware-signing-as-a-service operation was linked to numerous ransomware attacks.
-
Telecom sector launches its own private ISAC
Federal government involvement in an existing group chilled some cybersecurity discussions among major telecom providers. The new group is intended to alleviate those anxieties.
-
Patch bypass allows hackers to exploit prior flaw in SonicWall SSL-VPN
Researchers said a wave of attacks began in February targeting firewalls that appeared to be protected.
-
Deep Dive
How a government contest launched a revolution in AI-based bug hunting
Security researchers have spent months honing AI systems that can find and fix serious vulnerabilities. Critical infrastructure everywhere could benefit.
-
Grafana Labs says hacker gained access to codebase through leaked token
The company, which operates a widely used observability platform, is refusing to pay an extortion demand.
Updated May 19, 2026
-
Attackers exploit critical flaw in Cisco Catalyst SD-WAN Controller
Researchers discovered the authentication bypass vulnerability while investigating a prior issue in the same service.
-
Frontier AI models reap rapid discovery of security vulnerabilities
Security teams have just a few months before AI-driven exploitation becomes the norm, researchers warn.
-
West Pharmaceutical starts restoring operations after ransomware attack
The company confirmed data was stolen and encrypted by the attackers.
-
Foxconn confirms cyberattack affecting some North American facilities
A ransomware group has claimed a major attack against the electronics manufacturer.
-
Instructure confirms cybersecurity incident
The ed tech company that operates Canvas said information impacted by the data breach includes messages, names, email addresses and student ID numbers.