Threats
-
Majid Saeedi via Getty Images
Pro-Russia actors team with Iran-linked hackers in attacks
The groups formed a loose alliance in recent days, targeting critical infrastructure in the Middle East and the U.S.
By David Jones • Updated 5 hours ago -
Getty Images
Ransomware is now less about malware and more about impersonation
Stolen passwords have replaced infectious code as the most common tactic in major breaches, Cloudflare said.
By Eric Geller • March 3, 2026 -
Explore the Trendline➔
Getty Images
-
Majid Saeedi via Getty Images
Iran-linked hackers raise threat level against US, allies
Security researchers warn that hacktivists and state-linked groups are using DDoS, phishing and other tactics against critical infrastructure.
By David Jones • Updated March 2, 2026 -
Getty Images
‘Resurge’ malware can remain undetected on devices
CISA previously issued an alert about attacks that exploited a vulnerability in Ivanti Connect Secure.
By David Jones • Updated Feb. 27, 2026 -
peshkov via Getty Images
AI accelerates lateral movement in cyberattacks
New research paints a grim picture of how the technology is making cyberattacks faster and easier for threat actors.
By Eric Geller • Feb. 26, 2026 -
Getty Images
CISA orders agencies to patch Cisco devices now under attack
The vulnerabilities, scored as critical, affect the company’s software-defined wide-area networking (SD-WAN) systems.
By Eric Geller • Feb. 25, 2026 -
Kevin Frayer via Getty Images
China-linked hackers breached dozens of telecoms, government agencies
The cyberattacks used a clever technique: malware that hid in plain sight on Google Sheets.
By Eric Geller • Feb. 25, 2026 -
Getty Images
In the AI era, CISOs worry about data leaks and doubt tech will solve skills gaps
CISOs see AI as necessary but insufficient technology and fraught with risks, a new report found.
By Eric Geller • Feb. 24, 2026 -
Matt Kapko/Cybersecurity Dive
Threat groups move at record speeds, as AI helps scale attacks
A report by CrowdStrike shows cybercrime groups are outpacing security teams and increasingly abusing legitimate tools.
By David Jones • Feb. 24, 2026 -
iStock Editorial / Getty Images Plus via Getty Images
AI helps novice threat actor compromise FortiGate devices in dozens of countries
Generative AI tools analyzed target networks and wrote exploit code, enabling an opportunistic attacker to have an outsized impact, according to a new Amazon report.
By Eric Geller • Feb. 23, 2026 -
Getty Images
BeyondTrust Remote Support exploitation ramps up with backdoors, remote tools
Researchers warn that thousands of instances may still be vulnerable to exploitation activity.
By David Jones • Updated Feb. 20, 2026 -
Getty Images
US Treasury Department offers secure AI advice to financial services firms
The agency developed the resources in partnership with financial executives and other regulators.
By Eric Geller • Feb. 20, 2026 -
Michael M. Santiago via Getty Images
AI’s ‘connective tissue’ is woefully insecure, Cisco warns
In a new report, the company also said businesses should beware of the “SolarWinds of AI.”
By Eric Geller • Feb. 19, 2026 -
Getty Images
Identity and supply chain need more attention, risk intelligence firm says
Roughly a third of attacks now use stolen credentials, according to the company’s latest report.
By Eric Geller • Feb. 18, 2026 -
Getty Images
Newly identified hacking groups provide access to OT environments
A state-linked adversary has begun to pivot from the Ukraine war with new attacks targeting Europe and the U.S.
By David Jones • Feb. 17, 2026 -
Getty Images
Data-only extortion grows as ransomware gangs seek better profits
Businesses should prioritize securing one type of technology in particular, the security firm Arctic Wolf said in a new report.
By Eric Geller • Feb. 17, 2026 -
Commvault via Midjourney
Sponsored by CommvaultWhen AI agent security controls are enough – and when they’re not
Not all AI agents carry the same risk. Four zones that help determine when built-in controls are enough.
Feb. 17, 2026 -
katleho Seisa via Getty Images
Ransomware attacks increase against IT and food sectors
Social engineering and zero-day vulnerability weaponization are getting faster and easier, two information sharing and analysis centers said in new reports.
By Eric Geller • Feb. 13, 2026 -
Getty Images
CISA will shutter some missions to prioritize others
The agency has lost roughly one-third of its workforce since January 2025.
By Eric Geller • Updated Feb. 13, 2026 -
Eric Geller/Cybersecurity Dive
CISA seeks infrastructure sector consultation on incident reporting rule
The agency is particularly interested in feedback on several aspects of the long-awaited regulation.
By Eric Geller • Feb. 12, 2026 -
Getty Images
SmarterMail facing widespread attacks targeting critical flaws
The business email and collaboration software is being exploited for potential ransomware.
By David Jones • Feb. 12, 2026 -
shutterstock.com/whiteMocca
Sponsored by 10KMediaThe Future of DAST in an AI-First World: Why Runtime Security Testing Remains Critical
Runtime validation is where the gap is widening—and where this shift creates the biggest leap forward.
By Joni Klippert, CEO of StackHawk • Feb. 12, 2026 -
Getty Images
Extortion attacks on the rise as hackers prioritize supply-chain weaknesses
Consulting firms and manufacturing companies accounted for many of the ransomware victims posted to the dark web in 2025, Intel 471 said.
By Eric Geller • Feb. 11, 2026 -
Mario Tama via Getty Images
Polish power grid hack offers lessons for critical infrastructure operators, CISA says
The agency listed several steps businesses could take to prevent similar cyberattacks.
By Eric Geller • Feb. 10, 2026 -
hapabapa via Getty Images
FTC data highlights online threats to consumers and businesses
The commission listed several steps companies can take to fend off attacks.
By Eric Geller • Feb. 9, 2026
