Threats


  • Illustrated man with fishing hook stealing key
    Image attribution tooltip
    stefanovsky via Getty Images
    Image attribution tooltip

    Researchers warn VoidProxy phishing platform can bypass MFA

    The service has been targeting Microsoft and Google accounts for months, opening the door to possible BEC attacks and data exfiltration.

    By Sept. 12, 2025
  • Shoes sit on display tables and shelves in a store
    Image attribution tooltip
    Brandon Bell via Getty Images
    Image attribution tooltip
    Deep Dive

    How the retail sector teams up to defend against cybercrime

    The cyberthreat intel-sharing and collaboration group RH-ISAC is helping companies confront cyberattacks. But the challenge is delivering timely intelligence in a dynamic threat environment.

    By Sept. 11, 2025
  • a software developer writes code while using an external monitor in an office setting Explore the Trendlineâž”
    Image attribution tooltip
    Nattakorn Maneerat via Getty Images
    Image attribution tooltip
    Trendline

    Top 5 stories from Cybersecurity Dive

    tk

    By Cybersecurity Dive staff
  • A man faces multiple computer screens.
    Image attribution tooltip
    South_agency via Getty Images
    Image attribution tooltip

    Ransomware insurance losses spike despite fewer claims: Resilience

    AI-powered phishing, “double extortion” tactics and insurance policy theft are fueling more destructive, costly ransomware attacks, the cybersecurity firm said.

    By Alexei Alexis • Sept. 10, 2025
  • software developers using computer to write code sitting at desk with multiple screens work remotely in home at night.
    Image attribution tooltip
    MTStock Studio via Getty Images
    Image attribution tooltip
    Deep Dive

    How AI and politics hampered the secure open-source software movement

    Tech giants pledged millions to secure open-source code. Then AI came along.

    By Sept. 9, 2025
  • Vegetables sit on grocery store shelves
    Image attribution tooltip
    Joe Raedle via Getty Images
    Image attribution tooltip
    Deep Dive

    How the newest ISAC aims to help food and agriculture firms thwart cyberattacks

    Food industry executives used to shrug off ransomware and cyber-espionage risks. A threat intel group is helping to change that, but its reach remains unclear.

    By Sept. 4, 2025
  • Inside Cloudflare’s offices in San Francisco, California.
    Image attribution tooltip
    Permission granted by Cloudflare
    Image attribution tooltip

    Cloudflare, Proofpoint say hackers gained access to Salesforce instances in attack spree

    The breaches are part of hundreds of potential supply chain attacks linked to Salesloft Drift.

    By Sept. 3, 2025
  • The red, white, blue, and gold seal of the Federal Communications Commission hangs on a wooden wall
    Image attribution tooltip
    Mark Wilson via Getty Images
    Image attribution tooltip
    Deep Dive

    FCC investigation could derail its own IoT security certification program

    Internet of Things device makers are eager to participate, but the commission’s concerns about its lead administrator have halted progress of the U.S. Cyber Trust Mark program.

    By Sept. 2, 2025
  • A cell tower is seen in a close-up shot
    Image attribution tooltip
    Sean Gallup via Getty Images
    Image attribution tooltip

    US, allies warn China-linked actors still targeting critical infrastructure

    An advisory from 13 countries says state-backed hackers continue trying to breach telecommunications systems and other vital networks.

    By Aug. 27, 2025
  • New generation internet technologies and security bug.
    Image attribution tooltip
    Devrimb
    Image attribution tooltip

    Hackers steal data from Salesforce instances in widespread campaign

    Google researchers say the hackers abused a third-party tool in an attack spree designed to harvest credentials.

    By Updated Aug. 29, 2025
  • A digital blue fingerprint lifted being lifted off a mirrored surface against a black background. Binary code makes up the fingerprint.
    Image attribution tooltip
    Just_Super via Getty Images
    Image attribution tooltip

    Execs worry about unknown identity-security weaknesses

    Credential theft attacks prove that companies need to do better, but business leaders cited many reasons for slow progress.

    By Aug. 26, 2025
  • In a close-up of a severely shattered monitor screen, the display contains blue and black hues with various-sized white cracks.
    Image attribution tooltip
    Alamy
    Image attribution tooltip

    China-nexus hacker Silk Typhoon targeting cloud environments

    The state-linked espionage group has exploited zero-day flaws in Commvault and Citrix Netscaler, researchers say.

    By Aug. 22, 2025
  • World image
    Image attribution tooltip
    Faruk Ibrahim Alpagut via Getty Images
    Image attribution tooltip

    US charges Oregon man in vast botnet-for-hire operation

    Federal prosecutors called Rapper Bot one of the most powerful DDoS botnets in history.

    By Aug. 21, 2025
  • Brightly colored digital lock with central computer processor and futuristic circuit board.
    Image attribution tooltip
    da-kuk via Getty Images
    Image attribution tooltip

    Businesses focus on AI, cloud, despite cyber defense oversights

    Recent surveys found enterprises are enthusiastically adopting AI, even as they neglect basic cybersecurity measures.

    By Aug. 19, 2025
  • An aerial view shows large pools of water at a wastewater treatment plant
    Image attribution tooltip
    Justin Sullivan via Getty Images
    Image attribution tooltip

    Water sector expands partnership with volunteer hackers

    As threats to critical infrastructure grow and government funding stagnates, operators are turning to civic-minded volunteers from the cybersecurity industry.

    By Aug. 14, 2025
  • antitrust enforcement
    Image attribution tooltip
    Douglas Rissing via Getty Images
    Image attribution tooltip

    DOJ, international partners take down BlackSuit group’s infrastructure

    BlackSuit has been among the most prolific ransomware gangs in recent years, targeting government agencies, critical manufacturing companies and healthcare firms.

    By Aug. 11, 2025
  • Six men stand on a stage. Three men hold an oversized $4 million check made out to "Team Atlanta," while two of the other men flank this trio and pose for a photo with them. The sixth person stands off to the side and applauds.
    Image attribution tooltip
    Eric Geller/Cybersecurity Dive
    Image attribution tooltip

    DARPA touts value of AI-powered vulnerability detection as it announces competition winners

    The U.S. military research agency hopes to foster a new ecosystem of autonomous vulnerability remediation.

    By Aug. 8, 2025
  • close up programmer man hand typing on keyboard laptop for register data system or access password at dark operation room , cyber security concept - stock photo
    Image attribution tooltip
    Chainarong Prasertthai via Getty Images
    Image attribution tooltip

    Financially motivated cluster a key player in ToolShell exploitation

    Researchers from Palo Alto Networks detail ransomware deployment and malicious backdoors in a campaign against Microsoft SharePoint users.

    By Aug. 8, 2025
  • Three men sit on chairs on a stage. One man gestures with his hands while the other two look at him.
    Image attribution tooltip
    Eric Geller/Cybersecurity Dive
    Image attribution tooltip

    CISA officials say agency is moving ahead despite workforce purge

    Two senior officials defended the agency’s progress amid concerns about the effects of mass layoffs and budget cuts.

    By Aug. 8, 2025
  • An aerial view shows a series of buildings, parking lots, and highways
    Image attribution tooltip
    Patrick Smith via Getty Images
    Image attribution tooltip

    NSA partnering with cyber firms to support under-resourced defense contractors

    The spy agency has sought out creative ways to help protect small companies supplying the U.S. military.

    By Aug. 7, 2025
  • exclamation point depicted hovering above network infrastructure
    Image attribution tooltip
    Just_Super/Getty Images via Getty Images
    Image attribution tooltip

    SonicWall says recent attack wave involved previously disclosed flaw, not zero-day

    The company said it had linked recent hacks to customers’ use of legacy credentials when migrating from Gen 6 to Gen 7 firewalls.

    By Aug. 7, 2025
  • A large sign reading "Black Hat" sits in the carpeted foyer of a convention center
    Image attribution tooltip
    Eric Geller/Cybersecurity Dive
    Image attribution tooltip

    US still prioritizing zero-trust migration to limit hacks’ damage

    The zero-trust initiative, which gained steam during the Biden administration, is still underway.

    By Updated Aug. 7, 2025
  • Illustration of locks layered above circuity.
    Image attribution tooltip
    Traitov/iStock/Getty via Getty Images
    Image attribution tooltip

    SonicWall investigating possible zero-day related to firewall attacks

    Researchers recently warned about a surge in Akira ransomware attacks linked to a potential SonicWall vulnerability.

    By Aug. 5, 2025
  • AI Artificial Intelligence Security, Digital Information Protected Secured Lock
    Image attribution tooltip
    Just_Super via Getty Images
    Image attribution tooltip

    AI is helping hackers automate and customize cyberattacks

    CrowdStrike’s annual cyber-threat-hunting report reveals the double threat that AI poses to many businesses.

    By Aug. 4, 2025
  • Exterior view of Microsoft's Vancouver office in Canada on December 22, 2023.
    Image attribution tooltip
    hapabapa via Getty Images
    Image attribution tooltip

    Palo Alto Networks investigating ransomware threat related to SharePoint exploitation

    Researchers said an unidentified hacker demanded a ransom after an intrusion linked to the SharePoint flaw.  

    By Aug. 1, 2025
  • Hooded person types on computer in a dark room with multiple monitors and cables everywhere.
    Image attribution tooltip
    gorodenkoff via Getty Images
    Image attribution tooltip

    Ransomware gangs capitalize on law enforcement takedowns of competitors

    After authorities dismantled LockBit and RansomHub, other groups rushed in to snatch up their affiliates, according to a new report that highlights a cybercrime ecosystem in flux.

    By July 31, 2025