Major critical infrastructure disruptions are inevitable, acting CISA chief says

In recent years, the U.S. government has reoriented its cybersecurity strategy away from prevention and toward resilience.

By Eric Geller • June 17, 2026

California water utility probes breach claim by Iran-linked actor

The group Handala said it attacked one of the nation’s largest water companies.

By David Jones • June 17, 2026

Explore the Trendline➔

Managing identity sprawl

Cyber threat actors know the simplest way to hack into an enterprise and remain under the radar is with stolen, legitimate user credentials -- and cloud services and AI are making managing and securing digital identities more challenging than ever.

By Cybersecurity Dive staff

AI adoption correlates with incident frequency, underscoring need for governance

Even organizations that haven’t been breached expect an AI-related incident in the near future, a new survey found.

By Eric Geller • June 16, 2026

China-nexus group linked to multiyear campaign targeting US, Canadian medical research

A report from Google links a sophisticated espionage effort targeting information about viruses, AI and military information.

By David Jones • June 15, 2026

Cybersecurity experts blast US government for restricting Anthropic’s AI models

Chief information security officers and prominent researchers called a recent export-control ban “dangerous.”

By Eric Geller • June 15, 2026

MS-ISAC enters uncertain new era after losing federal funding and thousands of members

The information-sharing group, a vital resource for state and local governments, has cut staff and pinned its hopes on a membership surge.

By Eric Geller • June 15, 2026

Agentic AI surges in financial sector even as many firms fail to manage security risks

One-fifth of firms aren’t even sure if they’ve been hacked through their AI tools, according to a new report.

By Eric Geller • June 12, 2026

It’s Mythos’ world now. How do we live in it?

Anthropic's powerful model raises difficult questions about how government and industry should work together to safeguard systems in the AI era.

By Eric Geller • June 12, 2026

Enterprises report increasing budgets for security training in AI and other critical topics

Finding the time to train employees remains the biggest impediment to programs’ success, according to a new report.

By Eric Geller • June 11, 2026

FIFA World Cup expected to face extensive criminal, hacktivist cyber threats

Researchers warn that thousands of malicious domains are already in place, as fans and tournament organizers face potential attacks.

By David Jones • June 11, 2026

CISA gives agencies new vulnerability remediation deadlines that take risk levels into account

The cybersecurity agency says it wants to help network defenders prioritize the fixes that matter the most.

By Eric Geller • Updated June 10, 2026

Companies are failing to keep up with AI’s identity sprawl, creating entry points for hackers

Three-quarters of organizations say they aren’t fully overseeing the activities of user accounts belonging to agents and other AI tools.

By Eric Geller • June 10, 2026

IT sector faces growing threats from IP-hungry China, AI-enabled cybercriminals

Businesses also need to watch out for North Korean remote IT worker schemes, according to a new CrowdStrike report.

By Eric Geller • June 9, 2026

Companies aren’t prepared for how AI is accelerating impersonation attacks

Businesses generally aren’t taking a proactive enough approach to blocking schemes that spoof their leaders’ identities, according to a new report.

By Eric Geller • June 8, 2026

Cisco warns zero-day flaw in SD-WAN is being exploited

The company cautioned that no current patches are available and the flaw could allow an attacker to conduct command injection attacks.

By David Jones • June 5, 2026

Sprawling new House AI bill includes frontier model oversight, open-source security grants

The legislation has already drawn widespread criticism for its proposal to preempt state AI laws.

By Eric Geller • June 5, 2026

‘Don’t panic’: AI reality checks dominate major cybersecurity conference

CISOs and their colleagues should focus on network security basics, not overhyped AI promises, analysts said at a Gartner cybersecurity event.

By Eric Geller • June 3, 2026

CISA, FBI warn that hackers are targeting systems used to monitor industrial fluids

Automatic tank gauge systems are widely used across multiple industries, including energy, agriculture and transportation.

By David Jones • June 3, 2026

Trump signs EO seeking early government access to powerful AI models

The directive represents an about-face for an administration that previously repudiated government AI reviews.

By Eric Geller • Updated June 2, 2026

Turning tension into collaboration: How CIOs and CISOs can lead together

If properly managed and channeled, age-old friction between IT and cybersecurity can create a more resilient organization.

By Tom Scholtz, Distinguished VP Analyst, Gartner • June 2, 2026

CISA adds critical Palo Alto Networks firewall flaw to KEV as company, researchers warn of exploitation

The vulnerability in a vital defensive technology creates serious risks for federal networks, CISA said.

By Eric Geller • June 1, 2026

CISA urges security teams to check for software development compromises

The agency warned about a wave of attacks targeting credentials and other secrets across critical supply chains.

By David Jones • May 29, 2026

IBM’s new $5B initiative will help enterprises rapidly patch open-source vulnerabilities

The tech giant’s project could make it easier for businesses to safely use open-source packages.

By Eric Geller • May 28, 2026

Enterprise data is creeping its way into shadow AI tools

Executives and employees are clashing over usage policies as AI security concerns rise, an Okta report found.

By Paige Gross • May 28, 2026

Coordinated operation takes down Glassworm botnet

The botnet began in early 2025, targeting software developers across the open-source supply chain.

By David Jones • May 27, 2026