Context is key in a world of identity-based attacks and alert fatigue

A new report highlights why businesses struggle to separate true cyber threats from false positives.

By Eric Geller • Sept. 16, 2025

How the retail sector teams up to defend against cybercrime

The cyberthreat intel-sharing and collaboration group RH-ISAC is helping companies confront cyberattacks. But the challenge is delivering timely intelligence in a dynamic threat environment.

By Eric Geller • Sept. 11, 2025

Explore the Trendline➔

Top 5 stories from Cybersecurity Dive

tk

By Cybersecurity Dive staff

How AI and politics hampered the secure open-source software movement

Tech giants pledged millions to secure open-source code. Then AI came along.

By Eric Geller • Sept. 9, 2025

Bridgestone Americas continues probe as it looks to restore operations

The tiremaker disclosed a cyberattack just days after Jaguar Land Rover was impacted by a major hack that also disrupted production at certain locations. 

By David Jones • Sept. 9, 2025

Salesloft platform integration restored after probe reveals monthslong GitHub account compromise

An investigation by Mandiant found the attack began months ago, leading to a major supply chain attack.

By David Jones • Sept. 8, 2025

Researchers warn of zero-day vulnerability in SiteCore products

Mandiant said it was able to disarm a ViewState deserialization attack leveraging exposed ASP.NET keys.

By David Jones • Updated Sept. 4, 2025

How the newest ISAC aims to help food and agriculture firms thwart cyberattacks

Food industry executives used to shrug off ransomware and cyber-espionage risks. A threat intel group is helping to change that, but its reach remains unclear.

By Eric Geller • Sept. 4, 2025

Cloudflare, Proofpoint say hackers gained access to Salesforce instances in attack spree

The breaches are part of hundreds of potential supply chain attacks linked to Salesloft Drift.

By David Jones • Sept. 3, 2025

Palo Alto Networks, Zscaler customers impacted by supply chain attacks

A hacking campaign using credentials linked to Salesloft Drift has impacted a growing number of companies, including downstream customers of leading cybersecurity firms.

By David Jones • Sept. 2, 2025

Federal, state officials investigating ransomware attack targeting Nevada

The Sunday attack disrupted key services across the state and led to the theft of some data.

By David Jones • Updated Aug. 29, 2025

US, allies warn China-linked actors still targeting critical infrastructure

An advisory from 13 countries says state-backed hackers continue trying to breach telecommunications systems and other vital networks.

By Eric Geller • Aug. 27, 2025

Hackers steal data from Salesforce instances in widespread campaign

Google researchers say the hackers abused a third-party tool in an attack spree designed to harvest credentials.

By David Jones • Updated Aug. 29, 2025

Credential harvesting campaign targets ScreenConnect cloud administrators

Researchers warn that attackers are using compromised Amazon email accounts in spear-phishing attacks that may lead to ransomware infections.

By David Jones • Aug. 25, 2025

FBI, Cisco warn of Russia-linked hackers targeting critical infrastructure organizations

The intrusions have exploited a vulnerability in Cisco’s networking equipment software.

By Eric Geller • Aug. 20, 2025

Pharmaceutical firm Inotiv investigating ransomware attack that disrupted operations

The company says it doesn’t yet know if the incident will have a material impact.

By David Jones • Aug. 20, 2025

Hackers target Workday in social engineering attack

Researchers cite increasing evidence of collaboration between Scattered Spider and the cybercrime group ShinyHunters in the campaign.

By David Jones • Aug. 19, 2025

Developers knowingly push vulnerable code, despite growing breach risk

Only three in 10 respondents said their application security programs were highly mature.

By Eric Geller • Aug. 15, 2025

Citrix NetScaler flaws lead to critical infrastructure breaches

Dutch authorities said hackers penetrated several critical infrastructure providers, in a warning sign for vulnerable organizations elsewhere.

By Eric Geller • Updated Aug. 12, 2025

DARPA touts value of AI-powered vulnerability detection as it announces competition winners

The U.S. military research agency hopes to foster a new ecosystem of autonomous vulnerability remediation.

By Eric Geller • Aug. 8, 2025

SonicWall says recent attack wave involved previously disclosed flaw, not zero-day

The company said it had linked recent hacks to customers’ use of legacy credentials when migrating from Gen 6 to Gen 7 firewalls.

By David Jones • Aug. 7, 2025

SonicWall investigating possible zero-day related to firewall attacks

Researchers recently warned about a surge in Akira ransomware attacks linked to a potential SonicWall vulnerability.

By David Jones • Aug. 5, 2025

AI is helping hackers automate and customize cyberattacks

CrowdStrike’s annual cyber-threat-hunting report reveals the double threat that AI poses to many businesses.

By Eric Geller • Aug. 4, 2025

Ransomware spike linked to potential zero-day flaw in SonicWall devices

Researchers say hackers using the Akira ransomware strain may be exploiting the vulnerability en masse.

By David Jones • Updated Aug. 4, 2025

Ransomware gangs capitalize on law enforcement takedowns of competitors

After authorities dismantled LockBit and RansomHub, other groups rushed in to snatch up their affiliates, according to a new report that highlights a cybercrime ecosystem in flux.

By Eric Geller • July 31, 2025

What we know about the cybercrime group Scattered Spider

The notorious hacker collective has attracted the attention of government authorities in several nations around the globe. 

By David Jones • July 30, 2025