The Latest
-
Deep Dive
FCC investigation could derail its own IoT security certification program
Internet of Things device makers are eager to participate, but the commission’s concerns about its lead administrator have halted progress of the U.S. Cyber Trust Mark program.
-
US, allies warn China-linked actors still targeting critical infrastructure
An advisory from 13 countries says state-backed hackers continue trying to breach telecommunications systems and other vital networks.
-
Federal, state officials investigating ransomware attack targeting Nevada
The Sunday attack disrupted key services across the state and led to the theft of some data.
Updated Aug. 29, 2025 -
NetScaler warns hackers are exploiting zero-day vulnerability
The company is urging customers to patch their devices immediately, saying the flaw could lead to denial of service or remote code execution.
-
Safety-critical industries wary about using AI for cybersecurity
Finance, tech and professional services are among the sectors with the widest adoption of AI-based security tools, according to a new report.
-
Hackers steal data from Salesforce instances in widespread campaign
Google researchers say the hackers abused a third-party tool in an attack spree designed to harvest credentials.
Updated Aug. 29, 2025 -
Execs worry about unknown identity-security weaknesses
Credential theft attacks prove that companies need to do better, but business leaders cited many reasons for slow progress.
-
CISOs grow more concerned about risk of material cyberattack
A report by Proofpoint shows growing anxiety among security leaders about their companies’ cyber readiness.
-
Credential harvesting campaign targets ScreenConnect cloud administrators
Researchers warn that attackers are using compromised Amazon email accounts in spear-phishing attacks that may lead to ransomware infections.
-
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
CISA updates SBOM recommendations
The document is primarily meant for federal agencies, but CISA hopes businesses will also use it to push vendors for software bills of materials.
-
China-nexus hacker Silk Typhoon targeting cloud environments
The state-linked espionage group has exploited zero-day flaws in Commvault and Citrix Netscaler, researchers say.
-
US charges Oregon man in vast botnet-for-hire operation
Federal prosecutors called Rapper Bot one of the most powerful DDoS botnets in history.
-
Cyber, AI drive software spending to double-digit growth through 2029
Cloud security and identity and access management tool purchases insulated the market from tariff-induced economic shocks, according to Forrester.
-
FBI, Cisco warn of Russia-linked hackers targeting critical infrastructure organizations
The intrusions have exploited a vulnerability in Cisco’s networking equipment software.
-
Hackers target Workday in social engineering attack
Researchers cite increasing evidence of collaboration between Scattered Spider and the cybercrime group ShinyHunters in the campaign.
-
Pharmaceutical firm Inotiv investigating ransomware attack that disrupted operations
The company says it doesn’t yet know if the incident will have a material impact.
-
Palo Alto Networks shares surge after company releases strong annual forecast
The cybersecurity firm said its “platformization” strategy is beginning to pay dividends as more large customers consolidate their spending on its offerings.
-
Businesses focus on AI, cloud, despite cyber defense oversights
Recent surveys found enterprises are enthusiastically adopting AI, even as they neglect basic cybersecurity measures.
-
NIST seeks input on control overlays for securing AI systems
The federal agency plans to develop guidance to organizations about various AI use cases.
-
Developers knowingly push vulnerable code, despite growing breach risk
Only three in 10 respondents said their application security programs were highly mature.
-
Cybersecurity ranks among top three risks to manufacturing sector
Most companies are planning major AI investments to address growing threats to OT systems.
-
Water sector expands partnership with volunteer hackers
As threats to critical infrastructure grow and government funding stagnates, operators are turning to civic-minded volunteers from the cybersecurity industry.
-
Trump administration cyber cuts eroding private sector’s trust, confidence
A report by Swimlane shows companies are reducing cybersecurity spending and security teams are experiencing increasing pressure.
Updated Aug. 14, 2025 -
White House urged to revamp cyber regulations
A leading trade group said the Trump administration should rein in a major pending cybersecurity rule as well as embrace AI-based cyber defenses.
-
US agencies, international allies issue guidance on OT asset inventorying
The guidance includes specific examples for three critical infrastructure sectors that held workshops with CISA.