Social engineering gains ground as preferred method of initial access

Senior executives and high-net-worth individuals are increasingly at risk as hackers use deepfakes, voice cloning and other tactics for targeted attacks. 

Updated Oct. 21, 2025

AI-fueled automation helps ransomware-as-a-service groups stand out from the crowd

Ransomware gangs that offer their affiliates customization and automation are growing faster than those that don’t, a new report finds.

Why security awareness training doesn’t work — and how to fix it

Companies have built their security strategies around phishing simulations and educational webinars, tactics that research shows are ineffective.

Top cybersecurity conferences to attend in 2026

Security experts will come together to hear about the latest risk management strategies, novel hacking techniques, cyber governance and the technologies enterprises need to defend their networks.

F5 supply chain hack endangers more than 600,000 internet-connected devices

The enterprise device vendor has patched several vulnerabilities that hackers discovered after breaching its networks.

Fortune 500 companies designate specialist roles to bolster security operations teams

Four in 10 companies have created deputy CISO roles as regulatory concerns require greater board engagement.

Auto sector faces historic cyber threats to business continuity

A catastrophic cyberattack at Jaguar Land Rover is forcing governments and industrial leaders to address urgent demands for business resilience and accountability.

Many IT leaders click phishing links, and some don’t report them

A new survey shines light on the security practices and AI fears of IT leaders and their subordinates.

Nation-state hackers breached sensitive F5 systems, stole customer data

The federal government is scrambling to determine if any agencies have been hacked.

CISA’s latest cuts reignite concerns among Democratic lawmakers

A congressman on a key subcommittee suggests that shrinking CISA leaves Americans exposed to mounting cyber threats.

Fortune 100 firms accelerate disclosures linked to AI, cybersecurity risk

Companies are concerned about deepfakes and unauthorized AI tools, and board committees are increasing their oversight responsibilities.

Layoffs, reassignments further deplete CISA

Some CISA staffers have been pushed out, while others are being told to move across the country for jobs outside their skill sets.

SonicWall SSLVPN devices compromised using valid credentials

More than 100 SonicWall SSLVPN accounts have been impacted, according to Huntress.

Oracle E-Business Suite exploitation traced back as early as July

Researchers say an extortion campaign linked to the Clop ransomware group used a series of chained vulnerabilities and sophisticated malware.

SonicWall investigation shows hackers gained wide access to customer backup files

The probe contradicts earlier claims that a limited set of MySonicWall customers were impacted. 

Cyber risk a growing priority among insurance and asset management firms

A report by Moody’s shows an emphasis on board-level oversight and spending in order to boost cyber resilience.

Risk mitigation budgets swell as enterprise AI adoption grows

Governing AI comes at a cost, with most organizations increasing oversight investments in the next financial year, according to OneTrust data.

Salesforce refuses to submit to extortion demands linked to hacking campaigns

The company said it is aware of recent claims, but will not negotiate or pay a ransom.

AI fuels social engineering but isn’t yet revolutionizing hacking

AI tools are still too computationally intense for cybercriminals to rely on, according to a new report.

Public disclosures of AI risk surge among S&P 500 companies

A report by The Conference Board shows companies are flagging concerns about cyber and reputational risk as they increase deployment.

Businesses fear AI exposes them to more attacks

More than half of companies have already faced AI-powered phishing attacks, a new survey finds.

Hackers steal sensitive Red Hat customer data after breaching GitLab repository

Walmart, American Express and HSBC are among the companies that have had sensitive data exposed.

Updated Oct. 6, 2025

Extortion campaign targeting Oracle E-Business Suite customers linked to zero-day

Mandiant researchers said Clop ransomware is indeed linked to a series of emails threatening to release stolen data. 

Oracle investigating extortion emails targeting E-Business Suite customers

Hackers claiming links to Clop ransomware could be exploiting vulnerabilities disclosed in a July critical patch update.

Renault Group confirms UK customer data stolen in third-party breach

The incident marks the latest in a series of recent cyberattacks impacting the auto industry.