Cyberattacks top list of global business concerns, Kroll finds

Many companies feel unprepared to comply with global privacy and security rules, according to the advisory firm’s annual business sentiment survey.

By Eric Geller • June 13, 2025

Global law-enforcement operation targets infostealer malware

Authorities in three countries arrested 32 people and seized dozens of servers.

By Eric Geller • June 11, 2025

Explore the Trendline➔

Risk Management

An esclation of cyber risks facing businesses and government has made cyber resilience a major priority. 

By Cybersecurity Dive staff

Marks & Spencer restores some online-order operations following cyberattack

The department store chain six weeks ago was one of the first targets in an international spree of attacks disrupting retailers.

By David Jones • June 10, 2025

From malware to deepfakes, generative AI is transforming attacks

Generative AI is even helping hackers trick open-source developers into using malicious code, according to Gartner.

By Eric Geller • June 10, 2025

Scattered Spider targeting MSPs, IT vendors in social engineering campaigns

The same group is believed to be behind a wave of attacks against retailers in the UK, the US and elsewhere.

By David Jones • June 9, 2025

Data security is a CX issue, too

A string of cyberattacks have targeted retailers like Adidas and North Face. Incidents like these can weaken customer trust and lead to lost business, experts say.

By Kristen Doerer • June 9, 2025

SentinelOne rebuffs China-linked attack — and discovers global intrusions

The security firm said the operatives who tried to breach it turned out to be responsible for cyberattacks on dozens of critical infrastructure organizations worldwide.

By Eric Geller • Updated June 9, 2025

Main distributor to Whole Foods hit by cyberattack

UNFI, a grocery retailer and wholesaler, is working to resume full operations following “unauthorized activity” involving its IT systems.

By Sam Silverstein • June 9, 2025

Corporate executives face mounting digital threats as AI drives impersonation

Malicious actors are using deepfakes and voice-cloning technology to target senior executives in both the workplace and personal spaces.

By David Jones • June 6, 2025

FBI, CISA warn Play ransomware targeting critical infrastructure with evolving techniques

The hacker group has breached hundreds of organizations and is working with others to exploit flaws in a popular remote support tool.

By David Jones • June 5, 2025

Hackers abuse malicious version of Salesforce tool for data theft, extortion

A threat group is using voice phishing to trick targeted organizations into sharing sensitive credentials.

By David Jones • June 4, 2025

Victoria’s Secret postponing release of report earnings amid breach impact

The intrusion follows a string of attacks that appear to be the work of the cybercrime gang Scattered Spider.

By David Jones • June 3, 2025

Microsoft, CrowdStrike, other cyber firms collaborate on threat actor taxonomy

After years of confusion, leading threat-intelligence companies will streamline how they name threat groups.  

By David Jones • June 2, 2025

ConnectWise warns of threat activity linked to suspected nation-state hackers

The company said suspicious activity has affected a limited number of ScreenConnect customers.

By David Jones • Updated May 30, 2025

Victoria’s Secret shuts down website in response to security incident

Although stores are open, the company has also halted some in-store services as it works to fully restore operations. 

By Kaarin Moore • May 29, 2025

Google: China-backed hackers hiding malware in calendar events

The APT41 nation-state threat group is exploiting yet another cloud service to mask its operations, according to new research.

By Eric Geller • May 29, 2025

Thousands of ASUS routers compromised in sophisticated hacking campaign

Researchers have previously linked the suspected threat actor, dubbed ViciousTrap, to the exploitation of Cisco routers.

By David Jones • May 29, 2025

CFOs, financial execs in crosshairs of ‘highly targeted’ spearphishing campaign

Hackers are preying on senior corporate leaders at banks, investment firms, utilities and insurance companies worldwide.

By Eric Geller • Updated May 29, 2025

Microsoft, Dutch government discover new Russian hacking group

The findings highlight the vulnerability of all critical infrastructure firms to similar attack methods.

By Eric Geller • Updated May 28, 2025

US authorities charge 16 in operation to disrupt DanaBot malware

Authorities said malware linked to Russia-based cybercrime group infected more than 300,000 computers around the world with the malicious code.

By David Jones • May 27, 2025

US, allies recommend security protections for AI models

The joint guidance comes as officials fear how hackers could manipulate AI systems, especially in critical infrastructure.

By Eric Geller • May 22, 2025

Russia stepping up attacks on firms aiding Ukraine, Western nations warn

One of Moscow’s most infamous hacker teams is targeting logistics and technology companies supporting Kyiv’s war effort.

By Eric Geller • May 21, 2025

Microsoft leads international takedown of Lumma Stealer

The Lumma infostealer malware is a popular way for hackers to steal passwords, credit cards and cryptocurrency wallets.

By David Jones • May 21, 2025

FBI warns senior US officials are being impersonated using texts, AI-based voice cloning

Hackers are increasingly using vishing and smishing for state-backed espionage campaigns and major ransomware attacks.

By David Jones • May 16, 2025

GOP lawmakers urge ban of networking vendor TP-Link, citing ties to China

The Trump administration is facing mounting pressure to formulate a strategy for addressing supply-chain threats that endanger national security.

By Eric Geller • May 15, 2025