Cybersecurity Dive

Critical flaw in BeyondTrust Remote Support sees early signs of exploitation The vulnerability is a variant of a CVE linked to the 2024 hack of the U.S. Treasury Department, according to researchers.

Critical flaw in BeyondTrust Remote Support sees early signs of exploitation: www.cybersecuritydive.com/news/critica... (by David Jones)

Ransomware attacks increase against IT and food sectors Social engineering and zero-day vulnerability weaponization are getting faster and easier, two information sharing and analysis centers said in new reports.

Ransomware attacks increase against IT and food sectors: www.cybersecuritydive.com/news/ransomw... (by @ericjgeller.com)

CISA will shutter some missions to prioritize others The agency has lost roughly one-third of its workforce since January 2025.

CISA will shutter some missions to prioritize others: www.cybersecuritydive.com/news/cisa-cy... (by @ericjgeller.com)

SmarterMail facing widespread attacks targeting critical flaws The business email and collaboration software is being exploited for potential ransomware.

SmarterMail facing widespread attacks targeting critical flaws: www.cybersecuritydive.com/news/smarter... (by David Jones)

CISA seeks infrastructure sector consultation on incident reporting rule The agency is particularly interested in feedback on several aspects of the long-awaited regulation.

CISA seeks infrastructure sector consultation on incident reporting rule: www.cybersecuritydive.com/news/cisa-ci... (by @ericjgeller.com)

Majority of Ivanti EPMM threat activity linked to hidden IP A report by GreyNoise warns the IP address is operating behind bulletproof hosting infrastructure and might not show up in current IoCs.

Majority of Ivanti EPMM threat activity linked to hidden IP: www.cybersecuritydive.com/news/majorit... (by David Jones)

Extortion attacks on the rise as hackers prioritize supply-chain weaknesses Consulting firms and manufacturing companies accounted for many of the ransomware victims posted to the dark web in 2025, Intel 471 said.

Extortion attacks on the rise as hackers prioritize supply-chain weaknesses: www.cybersecuritydive.com/news/ransomw... (by @ericjgeller.com)

Microsoft prepares to refresh Secure Boot’s digital certificate Some customers, including in critical infrastructure sectors, will need to manually review their devices’ readiness for the update.

Microsoft prepares to refresh Secure Boot’s digital certificate: www.cybersecuritydive.com/news/microso... (by @ericjgeller.com)

Ivanti EPMM exploitation widespread as governments, others targeted Researchers warn the activity shows evidence of initial access brokers preparing for future attacks.

Ivanti EPMM exploitation widespread as governments, others targeted: www.cybersecuritydive.com/news/ivanti-... (by David Jones)

Polish power grid hack offers lessons for critical infrastructure operators, CISA says The agency listed several steps businesses could take to prevent similar cyberattacks.

Polish power grid hack offers lessons for critical infrastructure operators, CISA says: www.cybersecuritydive.com/news/cisa-cr... (by @ericjgeller.com)

Threat actors target SolarWinds Web Help Desk flaw Researchers say hackers are using remote monitoring and other tools in compromised environments.

Threat actors target SolarWinds Web Help Desk flaw: www.cybersecuritydive.com/news/threat-... (by David Jones)

FTC data highlights online threats to consumers and businesses The commission listed several steps companies can take to fend off attacks.

FTC data highlights online threats to consumers and businesses: www.cybersecuritydive.com/news/ftc-ran... (by @ericjgeller.com)

Critical flaw in SolarWinds Web Help Desk under exploitation The vulnerability could allow an attacker to achieve remote code execution.

Critical flaw in SolarWinds Web Help Desk under exploitation: www.cybersecuritydive.com/news/critica... (by David Jones)

CISA orders feds to disconnect unsupported network edge devices The government is worried about hackers accessing systems through insecure and poorly monitored routers, firewalls and similar equipment at the network perimeter.

CISA orders feds to disconnect unsupported network edge device: www.cybersecuritydive.com/news/cisa-ed... (by @ericjgeller.com)

Asian government’s espionage campaign breached critical infrastructure in 37 countries The victims included national telecommunications firms, finance ministries and police agencies, with most targets suggesting an economic focus, Palo Alto Networks said.

Asian government’s espionage campaign breached critical infrastructure in 37 countries: www.cybersecuritydive.com/news/asian-g... (by @ericjgeller.com)

Autonomous attacks ushered cybercrime into AI era in 2025 Malwarebytes urged companies to adopt continuous monitoring and lock down identity systems as AI models get better at orchestrating intrusions.

Autonomous attacks ushered cybercrime into AI era in 2025: www.cybersecuritydive.com/news/cybercr... (by @ericjgeller.com)

React2Shell exploitation undergoes significant change in threat activity Researchers see a sudden consolidation of source IPs since late January.

React2Shell exploitation undergoes significant change in threat activity: www.cybersecuritydive.com/news/react2s... (by David Jones)

AI-ISAC inches forward under Trump administration The U.S. government is exploring different options for how the information-sharing organization should work, an official said.

AI-ISAC inches forward under Trump administration: www.cybersecuritydive.com/news/ai-isac... (by @ericjgeller.com)

National cyber director solicits industry help in fixing regulations, threat information-sharing President Donald Trump’s chief cybersecurity adviser said a forthcoming national strategy will kick off ambitious projects.

National cyber director solicits industry help in fixing regulations, threat information-sharing: www.cybersecuritydive.com/news/sean-ca... (by @ericjgeller.com)

Critical flaws in Ivanti EPMM lead to fast-moving exploitation attempts Security researchers warn that the initial threat activity was highly targeted, as a limited number of users were impacted prior to disclosure.

Critical flaws in Ivanti EPMM lead to fast-moving exploitation attempts: www.cybersecuritydive.com/news/critica... (by David Jones)

National cybersecurity strategies depend on public-private trust, report warns An influential cybersecurity think tank urged governments to consult extensively with a wide variety of business stakeholders before making ambitious plans.

National cybersecurity strategies depend on public-private trust, report warns: www.cybersecuritydive.com/news/nationa... (by @ericjgeller.com)

FCC urges telecoms to boost cybersecurity amid growing ransomware threat The commission said it was aware of ransomware disruptions at a growing number of small and medium-sized telecoms.

FCC urges telecoms to boost cybersecurity amid growing ransomware threat: www.cybersecuritydive.com/news/fcc-tel... (by @ericjgeller.com)

Cybersecurity 2026: AI, CISA, manufacturing sector all in the hot seat A look at the most important trends and issues in cyber this year.

Cybersecurity 2026: AI, CISA, manufacturing sector all in the hot seat: www.cybersecuritydive.com/news/cyber-t...

Top cybersecurity conferences to attend in 2026 Security experts will come together to hear about the latest risk management strategies, novel hacking techniques, cyber governance and the technologies enterprises need to defend their networks.

We've updated our guide to the year's biggest cybersecurity conferences. Review it now to make sure you don't miss an important event! www.cybersecuritydive.com/news/top-cyb...

Cisco sees vulnerability exploitation top phishing in Q4 The company’s recommendations included monitoring for abuses of multifactor authentication, a growing threat.

Cisco sees vulnerability exploitation top phishing in Q4: www.cybersecuritydive.com/news/cisco-t... (by @ericjgeller.com)

Manufacturers fortify cyber defenses in response to dramatic surge in cyberattacks The IT/OT convergence and other trends are making the manufacturing industry’s networks more vulnerable and more frequently targeted, but sector leaders are working to improve their cyber posture.

Manufacturers fortify cyber defenses in response to dramatic surge in cyberattacks: www.cybersecuritydive.com/news/manufac... (by @ericjgeller.com and David Jones)

Government’s new approach to software security oversight could complicate things for vendors Software companies cheered the elimination of a government-wide attestation mandate. What comes next could be messy.

Government’s new approach to software security oversight could complicate things for vendors: www.cybersecuritydive.com/news/white-h... (by @ericjgeller.com)

AI tools break quickly, underscoring need for governance In a new report, the security firm Zscaler said it identified severe vulnerabilities in every enterprise tool it tested — sometimes on its first prompt.

AI tools break quickly, underscoring need for governance: www.cybersecuritydive.com/news/ai-vuln... (by @ericjgeller.com)

Corporate workers lean on shadow AI to enhance speed A report shows senior corporate executives are willing to allow unsanctioned AI use, which could place company data at risk.

Corporate workers lean on shadow AI to enhance speed: www.cybersecuritydive.com/news/corpora... (by David Jones)

Interconnectedness, extortion risk make cybersecurity a healthcare C-suite priority A new report from Trellix reviews the biggest breaches, describes the most effective defenses and profiles the most dangerous attackers.

Interconnectedness, extortion risk make cybersecurity a healthcare C-suite priority: www.cybersecuritydive.com/news/health-... (by @ericjgeller.com)