Russia-aligned hackers target US company in attack linked to Ukraine war effort

A threat group called RomCom has a history of cyberattacks against entities connected to the conflict.

By David Jones • Updated Nov. 25, 2025

Startup firm called Factory disrupts campaign designed to hijack development platform

The AI-based firm intercepted a state-linked operation that was abusing resources as part of a criminal cyber-fraud network.

By David Jones • Nov. 21, 2025

Explore the Trendline➔

Risk Management

An esclation of cyber risks facing businesses and government has made cyber resilience a major priority. 

By Cybersecurity Dive staff

Salesforce investigating campaign targeting customer environments connected to Gainsight app

Researchers warn that ShinyHunters has been compromising OAuth tokens to gain potential access to customer data. 

By David Jones • Updated Nov. 21, 2025

Record-breaking DDoS attack against Microsoft Azure mitigated

The attack was linked to the Aisuru botnet, which targets compromised home routers and cameras.

By David Jones • Nov. 19, 2025

Trump’s cyber strategy will emphasize adversary deterrence, industry partnerships

Cyberattacks on the U.S. are “becoming more aggressive every passing day,” the national cyber director says.

By Eric Geller • Nov. 18, 2025

Hackers increasingly target operational technology, with manufacturing sector bearing the brunt

Companies should segment and monitor their networks to prevent hackers from crossing over from IT to OT, a new report said.

By Eric Geller • Nov. 18, 2025

US chips away at North Korean IT worker fraud

Authorities have described Pyongyang’s revenue-generating schemes as threats to U.S. national and economic security.

By Eric Geller • Nov. 17, 2025

Anthropic warns state-linked actor abused its AI tool in sophisticated espionage campaign

Researchers said a China-backed adversary conducted powerful attacks with almost no human intervention. 

By David Jones • Updated Nov. 14, 2025

Akira engaged in ransomware attacks against critical sectors

The group has stepped up threat activity by abusing edge devices and other tools, reaping hundreds of millions of dollars in illicit gains.

By David Jones • Updated Nov. 14, 2025

Companies want more from their threat intelligence platforms

Customers expect faster, more accurate and more relevant data, Recorded Future found in a new report.

By Eric Geller • Nov. 12, 2025

Sophisticated threat actor targeting zero-day flaws in Cisco ISE and Citrix

Hackers use custom malware to access multiple vulnerabilities, researchers from Amazon warn.

By David Jones • Nov. 12, 2025

Shadow AI is widespread — and executives use it the most

Employees in fields like health care and finance trust AI more than they trust their colleagues, according to a new report.

By Eric Geller • Nov. 12, 2025

Cisco detects new attack variant targeting vulnerable firewalls

Hackers may be able to overload unpatched devices, the company said.

By Eric Geller • Nov. 10, 2025

Cyberattacks surge against IoT, mobile devices in critical infrastructure

Manufacturing and energy firms saw some of the biggest increases in malware activity targeting connected devices.

By Eric Geller • Nov. 7, 2025

In financial sector, vendors lag behind customers on cybersecurity

Financial firms should be performing regular oversight of their vendors to avoid supply chain compromises, according to a new report.

By Eric Geller • Nov. 6, 2025

Your AI-driven threat hunting is only as good as your data platform and pipeline

The data-centric foundation for modern threat hunting.

By Taylor Smith, Director of Product Marketing at Exaforce • Nov. 6, 2025

AI-based malware makes attacks stealthier and more adaptive

Google says it has discovered at least five malware families that use AI to reinvent themselves and hide from defenders.

By Eric Geller • Nov. 5, 2025

Hackers targeting Cisco IOS XE devices with BadCandy implant

Security researchers and Australian authorities warn that exploitation activity is ongoing.

By David Jones • Updated Nov. 5, 2025

Identity-based attacks need more attention in cloud security strategies

Companies should lock down user accounts and scan for compromised credentials, according to a new report.

By Eric Geller • Nov. 4, 2025

Cybercrime groups team with organized crime in massive cargo theft campaigns

Financially motivated hackers are abusing remote monitoring and access tools against trucking and freight companies, Proofpoint warns.

By David Jones • Updated Nov. 3, 2025

Windows Server Update Service exploitation ensnares at least 50 victims

Researchers say hackers could be gathering intelligence for future attacks, and authorities warn users to apply patches and check for compromise.

By David Jones • Oct. 31, 2025

FCC will vote to scrap telecom cybersecurity requirements

The commission’s Republican chair, who voted against the rules in January, calls them ineffective and illegal.

By Eric Geller • Updated Oct. 31, 2025

CISA updates guidance and warns security teams on WSUS exploitation

The agency urges users to apply emergency patches from Microsoft to counter a serious threat.

By David Jones • Oct. 30, 2025

AI adoption outpaces corporate governance, security controls

Security and business leaders warn that companies are accelerating their use of agentic AI beyond the ability to maintain proper guardrails. 

By David Jones • Oct. 29, 2025

Google probes exploitation of critical Windows service CVE

Researchers have traced the threat activity to a newly identified hacker, while separate evidence points to more than one variant.

By David Jones • Oct. 28, 2025