Trump’s cyber strategy will emphasize adversary deterrence, industry partnerships

Cyberattacks on the U.S. are “becoming more aggressive every passing day,” the national cyber director says.

By Eric Geller • Nov. 18, 2025

Hackers increasingly target operational technology, with manufacturing sector bearing the brunt

Companies should segment and monitor their networks to prevent hackers from crossing over from IT to OT, a new report said.

By Eric Geller • Nov. 18, 2025

Explore the Trendline➔

Managing identity sprawl

Cyber threat actors know the simplest way to hack into an enterprise and remain under the radar is with stolen, legitimate user credentials -- and cloud services and AI are making managing and securing digital identities more challenging than ever.

By Cybersecurity Dive staff

US chips away at North Korean IT worker fraud

Authorities have described Pyongyang’s revenue-generating schemes as threats to U.S. national and economic security.

By Eric Geller • Nov. 17, 2025

Anthropic warns state-linked actor abused its AI tool in sophisticated espionage campaign

Researchers said a China-backed adversary conducted powerful attacks with almost no human intervention. 

By David Jones • Updated Nov. 14, 2025

Akira engaged in ransomware attacks against critical sectors

The group has stepped up threat activity by abusing edge devices and other tools, reaping hundreds of millions of dollars in illicit gains.

By David Jones • Updated Nov. 14, 2025

Companies want more from their threat intelligence platforms

Customers expect faster, more accurate and more relevant data, Recorded Future found in a new report.

By Eric Geller • Nov. 12, 2025

Sophisticated threat actor targeting zero-day flaws in Cisco ISE and Citrix

Hackers use custom malware to access multiple vulnerabilities, researchers from Amazon warn.

By David Jones • Nov. 12, 2025

Shadow AI is widespread — and executives use it the most

Employees in fields like health care and finance trust AI more than they trust their colleagues, according to a new report.

By Eric Geller • Nov. 12, 2025

Cisco detects new attack variant targeting vulnerable firewalls

Hackers may be able to overload unpatched devices, the company said.

By Eric Geller • Nov. 10, 2025

Cyberattacks surge against IoT, mobile devices in critical infrastructure

Manufacturing and energy firms saw some of the biggest increases in malware activity targeting connected devices.

By Eric Geller • Nov. 7, 2025

In financial sector, vendors lag behind customers on cybersecurity

Financial firms should be performing regular oversight of their vendors to avoid supply chain compromises, according to a new report.

By Eric Geller • Nov. 6, 2025

Your AI-driven threat hunting is only as good as your data platform and pipeline

The data-centric foundation for modern threat hunting.

By Taylor Smith, Director of Product Marketing at Exaforce • Nov. 6, 2025

AI-based malware makes attacks stealthier and more adaptive

Google says it has discovered at least five malware families that use AI to reinvent themselves and hide from defenders.

By Eric Geller • Nov. 5, 2025

Hackers targeting Cisco IOS XE devices with BadCandy implant

Security researchers and Australian authorities warn that exploitation activity is ongoing.

By David Jones • Updated Nov. 5, 2025

Identity-based attacks need more attention in cloud security strategies

Companies should lock down user accounts and scan for compromised credentials, according to a new report.

By Eric Geller • Nov. 4, 2025

Cybercrime groups team with organized crime in massive cargo theft campaigns

Financially motivated hackers are abusing remote monitoring and access tools against trucking and freight companies, Proofpoint warns.

By David Jones • Updated Nov. 3, 2025

Windows Server Update Service exploitation ensnares at least 50 victims

Researchers say hackers could be gathering intelligence for future attacks, and authorities warn users to apply patches and check for compromise.

By David Jones • Oct. 31, 2025

FCC will vote to scrap telecom cybersecurity requirements

The commission’s Republican chair, who voted against the rules in January, calls them ineffective and illegal.

By Eric Geller • Updated Oct. 31, 2025

CISA updates guidance and warns security teams on WSUS exploitation

The agency urges users to apply emergency patches from Microsoft to counter a serious threat.

By David Jones • Oct. 30, 2025

AI adoption outpaces corporate governance, security controls

Security and business leaders warn that companies are accelerating their use of agentic AI beyond the ability to maintain proper guardrails. 

By David Jones • Oct. 29, 2025

Google probes exploitation of critical Windows service CVE

Researchers have traced the threat activity to a newly identified hacker, while separate evidence points to more than one variant.

By David Jones • Oct. 28, 2025

North Korea led the world in nation-state hacking in Q2 and Q3

Security leaders should prioritize anomalous-activity detection and zero-trust principles, a new report recommends.

By Eric Geller • Oct. 24, 2025

AI security flaws afflict half of organizations

EY suggested ways for companies to reduce AI-related hacking risks.

By Eric Geller • Oct. 22, 2025

Gartner: How to prepare for and respond to today’s evolving threat landscape

With the emergence of AI, security operations teams must navigate a fast-moving generation of cyber threats.

By Jeremy D'Hoinne, Distinguished Research VP, Gartner • Oct. 21, 2025

AI-fueled automation helps ransomware-as-a-service groups stand out from the crowd

Ransomware gangs that offer their affiliates customization and automation are growing faster than those that don’t, a new report finds.

By Eric Geller • Oct. 21, 2025