Identity is the first line of defense, especially in an AI-fueled threat landscape

Two new reports illustrate why companies need to do a better job of scrutinizing what their human employees and AI agents are doing.

By Eric Geller • March 27, 2026

‘Do not shift budgets to AI’: How businesses should and shouldn’t respond to evolving threats

Experts said companies rushing to buy AI services risk letting their existing, still-vital defensive measures deteriorate.

By Eric Geller • March 25, 2026

Explore the Trendline➔

Managing identity sprawl

Cyber threat actors know the simplest way to hack into an enterprise and remain under the radar is with stolen, legitimate user credentials -- and cloud services and AI are making managing and securing digital identities more challenging than ever.

By Cybersecurity Dive staff

Iran-linked ransomware operation targeted US healthcare provider

The Pay2Key group may have shifted its aims from extortion to destruction.

By David Jones • March 25, 2026

Congress wants details from White House on cyber strategy, Iran resilience measures

Lawmakers’ aides from both parties say they want to be kept in the loop on implementation.

By Eric Geller • March 25, 2026

Companies face difficult choices in blaming hackers for an attack

Publicly naming a hacking group can affect everything from retaliation to insurance coverage.

By Eric Geller • March 24, 2026

Cybercrime groups speed up initial access handoff through planning, coordination

A report by Google Threat Intelligence Group also shows voice-based phishing has surged amid a rise in social engineering tactics.

By David Jones • March 24, 2026

ISACs confront AI’s promise and peril for threat intelligence-sharing

Any use of AI for ISAC work must preserve members’ trust, representatives of three critical infrastructure sectors said.

By Eric Geller • March 23, 2026

AI poised to help low-skilled hackers in the near term

The expected rise in automated cyberattacks means more work for defenders — but they can use AI to fight back.

By Eric Geller • March 23, 2026

Lockheed Martin targeted in alleged breach by pro-Iran hacktivist

The group is demanding millions of dollars to not sell the information to U.S. adversaries.

By David Jones • March 23, 2026

Stryker confirms cyberattack is contained and restoration underway

An assurance letter from Palo Alto Networks provides insight into the forensic investigation at the medical technology firm.

By David Jones • March 23, 2026

Network edge devices still widely used after reaching end-of-life status

A report by VulnCheck shows nation-state hackers often target flaws in aging routers, firewalls and VPNs.

By David Jones • March 23, 2026

US, allies move to dismantle four high-volume IoT botnets

The armies of hacked computers and internet of things gadgets powered disruption and extortion campaigns that sometimes cost victims tens of thousands of dollars.

By Eric Geller • March 20, 2026

DOJ confirms seizure of domains linked to Iran-backed threat actor

A group connected to Iranian intelligence used the same infrastructure to claim credit for the hack of medical technology firm Stryker. 

By David Jones • March 20, 2026

Water utilities need hands-on cybersecurity help, not just free guidance, pilot program finds

In a new report, Microsoft criticized the federal government for scaling back support to critical infrastructure operators.

By Eric Geller • March 19, 2026

CISA urges organizations to harden endpoint security following Stryker attack

The agency is coordinating with the FBI and other agencies amid concerns about additional threat activity involving Microsoft Intune. 

By David Jones • March 19, 2026

Threat groups target cyber-physical systems to disrupt critical infrastructure providers

The Iran war has raised concerns that key industrial sectors could be the target of hacktivists, state actors and other groups.

By David Jones • March 18, 2026

New research unpacks North Korea’s stealthy, sophisticated remote IT worker schemes

The report recommends that businesses practice several forms of vigilance to avoid unwittingly hiring Pyongyang’s operatives.

By Eric Geller • March 18, 2026

Stryker attack raises concerns about role of device management tool

Researchers warn that Microsoft Intune may have been weaponized to wipe critical devices.

By David Jones • March 16, 2026

Stryker’s manufacturing, shipping disrupted after cyberattack

The medtech company says it's still experiencing issues with order processing, manufacturing and shipping. 

By Ricky Zipp , David Jones • March 13, 2026

Even primitive AI-coded malware helps hackers move faster, thwart attribution

IBM researchers discovered an autonomously coded backdoor that they called unsophisticated but nonetheless ominous.

By Eric Geller • March 13, 2026

5 ways to protect manufacturing companies from cyberattacks

Manufacturing suffered the most cyberattacks of any industry last year. Experts have advice about hardening networks and avoiding common mistakes.

By Jeffrey Kinney • March 12, 2026

Coalition of information-sharing groups warns of cyber, physical attacks

A joint advisory says Iran-linked groups are targeting U.S. critical infrastructure using DDoS, phishing and other retaliatory techniques.

By David Jones • Updated March 12, 2026

Industry to NIST: Keep agentic AI standards flexible and voluntary

The business community said security guidance should reflect the nascency and diversity of the field.

By Eric Geller • March 11, 2026

US entities face heightened cyber risk related to Iran war

The military campaign against Iran is putting local governments, critical infrastructure providers and major U.S. companies at heightened risk of disruptive attacks.

By David Jones • March 10, 2026

State-linked actors targeted US networks in lead-up to Iran war

Researchers found backdoors installed on U.S. company networks in the weeks prior to the U.S. and Israeli bombing campaign.

By David Jones • March 9, 2026