Cyberattacks


  • A large sign sits out front of construction technology firm Trimble's headquarters in Westminster, Colorado. The sign reads "Trimble", and a large building looms in the background.
    Image attribution tooltip
    Courtesy of Trimble
    Image attribution tooltip

    CISA warns of hackers targeting vulnerability in Trimble Cityworks to conduct RCE

    The software is widely used in projects by local governments, utilities, airports and other facilities.

    By Feb. 10, 2025
  • HPE, Juniper, Cisco, DOJ
    Image attribution tooltip
    JHVEPhoto via Getty Images
    Image attribution tooltip

    HPE issues breach notifications for 2023 Midnight Blizzard attack

    Russian state-sponsored hackers compromised the tech giant's Office 365 email environment.

    By Feb. 10, 2025
  • Green lights show behind plugged-in cables.
    Image attribution tooltip
    gorodenkoff/iStock via Getty Images
    Image attribution tooltip

    Suspected botnet targets edge devices using brute force attacks

    Researchers warn of a surge in attempted logins targeting devices from SonicWall, Palo Alto Networks and others.

    By Feb. 7, 2025
  • Programming scripts on laptop monitor, unauthorized remote hacking of server
    Image attribution tooltip
    Motortion via Getty Images
    Image attribution tooltip

    Hackers deployed web shells, exploited public-facing applications in Q4

    A Cisco Talos report also indicated a sharp increase in remote access tools being leveraged in ransomware. 

    By Feb. 6, 2025
  • DeepSeek logo in front of China's flag.
    Image attribution tooltip
    Anthony Kwan/Getty Images via Getty Images
    Image attribution tooltip

    DeepSeek surge hits companies, posing security risks

    The Trump administration is scrutinizing the AI app, Italy and Taiwan have banned it, and companies have blocked it.

    By Alexei Alexis • Feb. 5, 2025
  • Ransomware spelled out in a creative depiction.
    Image attribution tooltip
    Just_Super via Getty Images
    Image attribution tooltip

    Ransomware payments fell 35% in 2024

    Cyberattacks using ransomware spiked in the second half of the year, but fewer victims paid up.

    By Feb. 5, 2025
  • Rhode Island Chief Digital Officer Brian Tardiff and Gov. Dan McKee speak at a Dec. 30 press briefing on the cyberattack against the RIBridges social services database. The officials held a Jan. 10 briefing to notify thousands of recipients that breach notification letters were being mailed out.
    Image attribution tooltip
    Courtesy of Rhode Island
    Image attribution tooltip

    Deloitte pays $5M in connection with breach of Rhode Island benefits site

    The company agreed to cover expenses related to recovery from the December cyberattack.

    By Feb. 5, 2025
  • Cyber Security Data Breach Protection Ransomware Email Phishing Encrypted Technology, Digital Information Protected Secured
    Image attribution tooltip
    Just_Super via Getty Images
    Image attribution tooltip

    State-linked hackers deploy macOS malware in fake job interview campaign

    Actors linked to North Korea bypassed Apple security using malware called FlexibleFerret.

    By Robert Wright, Contributing Reporter • Feb. 4, 2025
  • Team of hackers dressed in black work on computers in dark room.
    Image attribution tooltip
    gorodenkoff via Getty Images
    Image attribution tooltip

    SonicWall SMA 1000 series appliances left exposed on the internet

    The company last week confirmed attackers are actively exploiting a critical vulnerability in the devices. 

    By Jan. 28, 2025
  • Engineer in network server room.
    Image attribution tooltip
    Stock photos via Getty Images
    Image attribution tooltip
    Deep Dive

    Network security tool defects are endemic, eroding enterprise defense

    When malicious hackers exploit vulnerabilities in firewalls, VPNs and routers, it’s not the vendors that get hit — it’s their customers.

    By Jan. 28, 2025
  • Exterior shot of a corporate campus,
    Image attribution tooltip
    Scott Olson/Getty Images via Getty Images
    Image attribution tooltip

    Procter & Gamble operations unhindered by Blue Yonder disruption

    The consumer goods company built an in-house solution to keep orders moving as its transportation management system provider navigated a ransomware attack.

    By Kelly Stroh • Jan. 28, 2025
  • UnitedHealth Group office
    Image attribution tooltip
    Courtesy of UnitedHealth Group
    Image attribution tooltip

    UnitedHealth hikes number of Change cyberattack breach victims to 190M

    The new estimate nearly doubles the company’s previous report of 100 million affected individuals, already the largest healthcare data breach ever reported to federal regulators.

    By Emily Olsen • Jan. 27, 2025
  • Statue of Alexander Hamilton.
    Image attribution tooltip
    Chip Somodevilla via Getty Images
    Image attribution tooltip

    BeyondTrust says 17 customers impacted by December cyberattack spree

    State-linked hackers were linked to a series of attacks that led to the theft of unclassified data from the Treasury Department.

    By Jan. 24, 2025
  • cybersecurity, matrix, abstract
    Image attribution tooltip
    iStock / Getty Images Plus via Getty Images
    Image attribution tooltip

    Attackers lodge backdoors into Ivanti Connect Secure devices

    Shadowserver scans found 379 compromised Ivanti Connect Secure devices. Researchers said the situation is serious and likely impacts more organizations.

    By Jan. 24, 2025
  • A closeup shot of long colorful lines of code on a computer screen.
    Image attribution tooltip
    Wirestock via Getty Images
    Image attribution tooltip

    Ivanti zero-days chained together in at least 3 attacks, authorities warn

    The vendor’s customers have confronted multiple attack sprees targeting zero-days spanning a variety of products.

    By Jan. 23, 2025
  • White building with trees and large path in front
    Image attribution tooltip
    CharlieTong via Getty Images
    Image attribution tooltip

    Government payments contractor Conduent confirms cyberattack impacts multiple states

    The incident led to delays in processing child support payments in Wisconsin.

    By Jan. 23, 2025
  • Hand grabbing password out of blurred code.
    Image attribution tooltip
    LuisPortugal/Getty Images Plus via Getty Images
    Image attribution tooltip

    Google Cloud links poor credentials to nearly half of all cloud-based attacks

    Cloud services with weak credentials were a prime target for attackers, often resulting in lateral movement attempts, a Google Cloud report found.

    By Jan. 22, 2025
  • A row of students learning how to code while working at a classroom computer.
    Image attribution tooltip
    izusek via Getty Images
    Image attribution tooltip

    PowerSchool data breach brings claims of negligence, poor cyber hygiene

    The K-12 software company is facing legal pushback and criticism following a cyberattack that impacted a still unknown number of districts.

    By Anna Merod • Jan. 22, 2025
  • Capitol Hill lit up at night
    Image attribution tooltip
    Win McNamee via Getty Images
    Image attribution tooltip

    CISA clocked Salt Typhoon in federal networks before telecom intrusions

    Outgoing CISA Director Jen Easterly didn’t say what agencies were impacted by Salt Typhoon or when, but noted it provided greater visibility into the active campaign.

    By Jan. 16, 2025
  • Matrix background of blurred programming code.
    Image attribution tooltip
    Getty Plus via Getty Images
    Image attribution tooltip

    Ivanti zero-day has researchers scrambling

    Threat hunters are on high alert as 900 Ivanti Connect Secure instances remain unpatched and vulnerable to exploitation, according to Shadowserver.

    By Jan. 13, 2025
  • Rhode Island Chief Digital Officer Brian Tardiff and Gov. Dan McKee speak at a Dec. 30 press briefing on the cyberattack against the RIBridges social services database. The officials held a Jan. 10 briefing to notify thousands of recipients that breach notification letters were being mailed out.
    Image attribution tooltip
    Courtesy of Rhode Island
    Image attribution tooltip

    Hack of Rhode Island social services platform impacted at least 709K, officials say

    State officials received reports from Deloitte and a third-party forensic firm showing the threat to the database has been mitigated and restoration efforts are underway.

    By Jan. 10, 2025
  • Group of people working in a modern board room with augmented reality interface, all objects in the scene are 3D
    Image attribution tooltip
    piranka via Getty Images
    Image attribution tooltip

    4 cybersecurity trends to watch in 2025

    Critical industries are up against never before seen challenges to remain secure and operational, while regulatory pressures have completely upended the role of the CISO in corporate America.

    By , Jan. 9, 2025
  • A closeup shot of long colorful lines of code on a computer screen.
    Image attribution tooltip
    Wirestock via Getty Images
    Image attribution tooltip

    Ivanti customers confront new zero-day with suspected nation-state nexus

    The latest attacks come one year after a threat group exploited a pair of zero-days in the same Ivanti product.

    By Jan. 9, 2025
  • Telecom network above a city
    Image attribution tooltip
    NicoElNino via Getty Images
    Image attribution tooltip

    AT&T, Verizon say they evicted Salt Typhoon from their networks

    Two of the largest telecom providers in the U.S. said the China-government sponsored threat group is no longer embedded in their networks.

    By Jan. 7, 2025
  • CISA, cybersecurity, agency
    Image attribution tooltip
    Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
    Image attribution tooltip

    CISA says hack targeting Treasury Department did not impact other federal agencies

    BeyondTrust says an investigation of a December attack spree is nearing completion and SaaS instances are fully patched. Hackers used a stolen key to attack Treasury workstations.

    By Jan. 7, 2025