The Latest
-
Kena Betancur via Getty Images
Deep DiveThanksgiving holiday weekend kicks off heightened threat environment for security teams
As workers take family time and consumers race for Black Friday discounts, hackers gain an advantage to penetrate vulnerable corporate perimeters.
-
Sean Gallup via Getty Images
Microsoft tightens cloud login process to prevent common attack
Hackers have spent decades exploiting a ubiquitous type of vulnerability. Microsoft is trying to change that.
-
Getty Images
Gainsight CEO promises transparency as it responds to compromise of Salesforce integration
The company has been in regular contact with customers, and says only a handful have seen data directly impacted.
Updated Nov. 26, 2025 -
Chris McGrath via Getty Images
CISA urges mobile security as it warns of sophisticated spyware attacks
The agency’s rare warning about spyware activity comes as it updated mobile security guidance to reflect evolving threats.
-
Getty Images
Russia-aligned hackers target US company in attack linked to Ukraine war effort
A threat group called RomCom has a history of cyberattacks against entities connected to the conflict.
Updated Nov. 25, 2025 -
Michael M. Santiago via Getty Images
Hackers steal sensitive data from major banking industry vendor
The incident highlights how supply-chain compromises threaten even well-defended industries.
Updated Nov. 24, 2025 -
Courtesy of HubSpot
Gainsight says additional applications put on hold after Salesforce customers breached
The company said that Zendesk and Hubspot integrations have been deactivated as the probe continues.
-
Getty Images
Startup firm called Factory disrupts campaign designed to hijack development platform
The AI-based firm intercepted a state-linked operation that was abusing resources as part of a criminal cyber-fraud network.
-
Getty Images
Salesforce investigating campaign targeting customer environments connected to Gainsight app
Researchers warn that ShinyHunters has been compromising OAuth tokens to gain potential access to customer data.
Updated Nov. 21, 2025 -
Getty Images
SEC drops civil fraud case against SolarWinds
Cybersecurity and legal experts considered the case a potential precedent-setter for risk disclosure.
-
iStock Editorial / Getty Images Plus via Getty Images
Researchers warn command injection flaw in Fortinet FortiWeb is under exploitation
The medium severity vulnerability can be chained together with a critical flaw in the same product, which could help attackers gain additional capabilities.
-
John McDonnell via Getty Images
FCC eliminates cybersecurity requirements for telecom companies
Commissioners sharply disagreed over whether the rules were appropriate and necessary.
-
Mark Wilson via Getty Images
FCC plan to scrap telecom cyber rules draws congressional backlash
A prominent U.S. senator wants the commission to rethink its plans.
-
Getty Images
Record-breaking DDoS attack against Microsoft Azure mitigated
The attack was linked to the Aisuru botnet, which targets compromised home routers and cameras.
-
Chip Somodevilla via Getty Images
US, allies sanction Russian bulletproof hosting firm
Authorities say the company helped ransomware gangs and supported DDoS attacks.
-
Eric Geller/Cybersecurity Dive
Trump’s cyber strategy will emphasize adversary deterrence, industry partnerships
Cyberattacks on the U.S. are “becoming more aggressive every passing day,” the national cyber director says.
-
Eric Geller/Cybersecurity Dive
CISA, eyeing China, plans hiring spree to rebuild its depleted ranks
The agency will also change some of its workforce policies to avoid driving away talented staff.
Updated Nov. 18, 2025 -
Getty Images
Jaguar Land Rover reports major earnings impact from cyberattack
The automaker set aside hundreds of millions to help stabilize its massive international supply chain.
-
Getty Images
Hackers increasingly target operational technology, with manufacturing sector bearing the brunt
Companies should segment and monitor their networks to prevent hackers from crossing over from IT to OT, a new report said.
-
Getty Images
Critical vulnerability in Fortinet FortiWeb is under exploitation
The company faces criticism as multiple researchers claim a silent patch was issued weeks before official guidance was released.
-
Yin Yang via Getty Images
US chips away at North Korean IT worker fraud
Authorities have described Pyongyang’s revenue-generating schemes as threats to U.S. national and economic security.
-
Getty Images
CISO pay is on the rise, even as security budgets tighten
Companies are increasingly lavishing benefits on their top security executives, a recent report found.
-
Permission granted by Anthropic
Anthropic warns state-linked actor abused its AI tool in sophisticated espionage campaign
Researchers said a China-backed adversary conducted powerful attacks with almost no human intervention.
Updated Nov. 14, 2025 -
Sean Gallup/Getty Images via Getty Images
Western governments disrupt trifecta of cybercrime tools
Authorities seized more than 1,000 servers and 20 domains in the operation.
-
Chip Somodevilla via Getty Images
Akira engaged in ransomware attacks against critical sectors
The group has stepped up threat activity by abusing edge devices and other tools, reaping hundreds of millions of dollars in illicit gains.
Updated Nov. 14, 2025
