Threats


  • Oracle's Silicon Valley corporate headquarters in Redwood City, California picture on Oct. 26, 2019.
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    Oracle investigating extortion emails targeting E-Business Suite customers

    Hackers claiming links to Clop ransomware could be exploiting vulnerabilities disclosed in a July critical patch update.

    By Oct. 3, 2025
  • Cyberhackers-Ransomware
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    Hackers claiming ties to Clop launch wide extortion campaign targeting corporate executives

    The email-based campaign purports to have sensitive data from breached Oracle E-Business Suite applications. 

    By Oct. 2, 2025
  • Trendline

    Risk Management

    An esclation of cyber risks facing businesses and government has made cyber resilience a major priority. 

    By Cybersecurity Dive staff
  • The red lock and its structure explode in a digital computer setting.
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    Cisco firewall flaws endanger nearly 50,000 devices worldwide

    The U.S., the U.K. and Japan lead the list of the most vulnerable countries.

    By Sept. 30, 2025
  • Fuel holding tanks are seen in an overhead view
    Image attribution tooltip
    Drew Angerer via Getty Images
    Image attribution tooltip

    Critical infrastructure operators add more insecure industrial equipment online

    The problem isn’t limited to legacy technology. New devices are exposed with critical vulnerabilities.

    By Sept. 25, 2025
  • Close-up Focus on Person's Hands Typing on the Desktop Computer Keyboard
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    CISA urges dependency checks following Shai-Hulud compromise

    Security teams are urged to review their software environments after a major supply chain attack on the NPM ecosystem.

    By Sept. 24, 2025
  • Travelers arrive at London's Heathrow Airport.
    Image attribution tooltip
    Hollie Adams via Getty Images
    Image attribution tooltip

    UK authorities arrest man in connection with cyberattack against aviation vendor

    The attack against Collins Aerospace led to significant flight disruptions at Heathrow and other major European hubs.

    By Sept. 24, 2025
  • A Chinese flag flutters in front of a Chinese government building, on top of which other Chinese flags are flying
    Image attribution tooltip
    Kevin Frayer via Getty Images
    Image attribution tooltip

    China-linked groups are using stealthy malware to hack software suppliers

    Google, which disclosed the campaign, said it was one of the most significant supply-chain hacks in recent memory.

    By Sept. 24, 2025
  • The letters AI on a digital block
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    AI-powered vulnerability detection will make things worse, not better, former US cyber official warns

    Patching won’t be able to keep up with discovery, said Rob Joyce, who once led the National Security Agency's elite hacking team.

    By Sept. 22, 2025
  • A large hallway with supercomputers inside a server room data center.
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    Evolving AI attacks, rapid model adoption worry cyber defenders

    IT defenders think many of their security tools aren’t ready for AI-powered cyberattacks, according to a new report.

    By Sept. 19, 2025
  • Healthcare worker works on a digital tablet
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    Healthcare firms’ hack-related losses outpace those of other sectors

    Companies in the healthcare sector experienced far more attacks costing more than $500,000 compared with organizations in other industries, according to a new report.

    By Sept. 18, 2025
  • The Microsoft logo is seen at an Experience Center on Fifth Avenue on April 03, 2024 in New York City.
    Image attribution tooltip
    Michael M. Santiago via Getty Images
    Image attribution tooltip

    Microsoft disrupts global phishing campaign that led to widespread credential theft

    Officials say the operation led to ransomware and BEC attacks on U.S. hospitals and healthcare organizations.

    By Sept. 17, 2025
  • The red lock and its structure explode in a digital computer setting.
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    Context is key in a world of identity-based attacks and alert fatigue

    A new report highlights why businesses struggle to separate true cyber threats from false positives.

    By Sept. 16, 2025
  • The Salesforce cloud logo is pictured on the software company's headquarters in New York on Aug. 18, 2022.
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    FBI warns about 2 campaigns targeting Salesforce instances

    The threat groups, identified as UNC6040 and UNC6395, have used different tactics to gain access to data.

    By Sept. 15, 2025
  • Illustrated man with fishing hook stealing key
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    Researchers warn VoidProxy phishing platform can bypass MFA

    The service has been targeting Microsoft and Google accounts for months, opening the door to possible BEC attacks and data exfiltration.

    By Sept. 12, 2025
  • Shoes sit on display tables and shelves in a store
    Image attribution tooltip
    Brandon Bell via Getty Images
    Image attribution tooltip
    Deep Dive

    How the retail sector teams up to defend against cybercrime

    The cyberthreat intel-sharing and collaboration group RH-ISAC is helping companies confront cyberattacks. But the challenge is delivering timely intelligence in a dynamic threat environment.

    By Sept. 11, 2025
  • A man faces multiple computer screens.
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    Ransomware insurance losses spike despite fewer claims: Resilience

    AI-powered phishing, “double extortion” tactics and insurance policy theft are fueling more destructive, costly ransomware attacks, the cybersecurity firm said.

    By Alexei Alexis • Sept. 10, 2025
  • software developers using computer to write code sitting at desk with multiple screens work remotely in home at night.
    Image attribution tooltip
    Getty Images
    Image attribution tooltip
    Deep Dive

    How AI and politics hampered the secure open-source software movement

    Tech giants pledged millions to secure open-source code. Then AI came along.

    By Sept. 9, 2025
  • Vegetables sit on grocery store shelves
    Image attribution tooltip
    Joe Raedle via Getty Images
    Image attribution tooltip
    Deep Dive

    How the newest ISAC aims to help food and agriculture firms thwart cyberattacks

    Food industry executives used to shrug off ransomware and cyber-espionage risks. A threat intel group is helping to change that, but its reach remains unclear.

    By Sept. 4, 2025
  • Inside Cloudflare’s offices in San Francisco, California.
    Image attribution tooltip
    Permission granted by Cloudflare
    Image attribution tooltip

    Cloudflare, Proofpoint say hackers gained access to Salesforce instances in attack spree

    The breaches are part of hundreds of potential supply chain attacks linked to Salesloft Drift.

    By Sept. 3, 2025
  • The red, white, blue, and gold seal of the Federal Communications Commission hangs on a wooden wall
    Image attribution tooltip
    Mark Wilson via Getty Images
    Image attribution tooltip
    Deep Dive

    FCC investigation could derail its own IoT security certification program

    Internet of Things device makers are eager to participate, but the commission’s concerns about its lead administrator have halted progress of the U.S. Cyber Trust Mark program.

    By Sept. 2, 2025
  • A cell tower is seen in a close-up shot
    Image attribution tooltip
    Sean Gallup via Getty Images
    Image attribution tooltip

    US, allies warn China-linked actors still targeting critical infrastructure

    An advisory from 13 countries says state-backed hackers continue trying to breach telecommunications systems and other vital networks.

    By Aug. 27, 2025
  • New generation internet technologies and security bug.
    Image attribution tooltip
    Devrimb
    Image attribution tooltip

    Hackers steal data from Salesforce instances in widespread campaign

    Google researchers say the hackers abused a third-party tool in an attack spree designed to harvest credentials.

    By Updated Aug. 29, 2025
  • A digital blue fingerprint lifted being lifted off a mirrored surface against a black background. Binary code makes up the fingerprint.
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    Execs worry about unknown identity-security weaknesses

    Credential theft attacks prove that companies need to do better, but business leaders cited many reasons for slow progress.

    By Aug. 26, 2025
  • In a close-up of a severely shattered monitor screen, the display contains blue and black hues with various-sized white cracks.
    Image attribution tooltip
    Alamy
    Image attribution tooltip

    China-nexus hacker Silk Typhoon targeting cloud environments

    The state-linked espionage group has exploited zero-day flaws in Commvault and Citrix Netscaler, researchers say.

    By Aug. 22, 2025
  • World image
    Image attribution tooltip
    Getty Images
    Image attribution tooltip

    US charges Oregon man in vast botnet-for-hire operation

    Federal prosecutors called Rapper Bot one of the most powerful DDoS botnets in history.

    By Aug. 21, 2025