Cybersecurity Dive
@cybersecuritydive.bsky.social
We provide business journalism into the most impactful news and trends shaping cybersecurity.
Russia-linked hackers breach critical infrastructure organizations via edge devices: www.cybersecuritydive.com/news/russian... (by @ericjgeller.com)
Russia-linked hackers breach critical infrastructure organizations via edge devices
New research offers the latest evidence that vulnerable network edge equipment is a pressing concern.
www.cybersecuritydive.com
December 16, 2025 at 5:00 PM
Russia-linked hackers breach critical infrastructure organizations via edge devices: www.cybersecuritydive.com/news/russian... (by @ericjgeller.com)
Cybersecurity concerns are paramount among executives in almost all roles, regions and industries: www.cybersecuritydive.com/news/cyberse... (by @ericjgeller.com)
Cybersecurity concerns are paramount among executives in almost all roles, regions and industries
A new survey finds widespread agreement that security is one of the biggest challenges facing companies today.
www.cybersecuritydive.com
December 15, 2025 at 5:00 PM
Cybersecurity concerns are paramount among executives in almost all roles, regions and industries: www.cybersecuritydive.com/news/cyberse... (by @ericjgeller.com)
CISOs view hybrid environments as best way to manage risk, compliance: www.cybersecuritydive.com/news/cisos-h... (by David Jones)
CISOs view hybrid environments as best way to manage risk, compliance
Security leaders are also focused on the convergence of IT and operational technology as business continuity becomes a major concern.
www.cybersecuritydive.com
December 15, 2025 at 4:45 PM
CISOs view hybrid environments as best way to manage risk, compliance: www.cybersecuritydive.com/news/cisos-h... (by David Jones)
React urges new patch upgrades after security researchers flag additional flaws: www.cybersecuritydive.com/news/react-u... (by David Jones)
React urges new patch upgrades after security researchers flag additional flaws
Researchers warn that critical infrastructure providers and government sites are being targeted by state-linked attackers.
www.cybersecuritydive.com
December 12, 2025 at 7:01 PM
React urges new patch upgrades after security researchers flag additional flaws: www.cybersecuritydive.com/news/react-u... (by David Jones)
CISA updates cybersecurity benchmarks for critical infrastructure organizations: www.cybersecuritydive.com/news/cisa-cy... (by @ericjgeller.com)
CISA updates cybersecurity benchmarks for critical infrastructure organizations
The agency streamlines and supplements goals it first issued in 2022.
www.cybersecuritydive.com
December 12, 2025 at 6:00 PM
CISA updates cybersecurity benchmarks for critical infrastructure organizations: www.cybersecuritydive.com/news/cisa-cy... (by @ericjgeller.com)
Grid-scale battery energy storage systems face heightened risk of cyberattack: www.cybersecuritydive.com/news/battery... (by David Jones)
Grid-scale battery energy storage systems face heightened risk of cyberattack
Experts warn that state-linked threat groups are actively searching for ways to disrupt the industry amid growing power demand in the U.S.
www.cybersecuritydive.com
December 12, 2025 at 5:01 PM
Grid-scale battery energy storage systems face heightened risk of cyberattack: www.cybersecuritydive.com/news/battery... (by David Jones)
React Server Components crisis escalates as security teams respond to compromises: www.cybersecuritydive.com/news/react-s... (by David Jones)
React Server Components crisis escalates as security teams respond to compromises
Suspected North Korean actors target users with fake IT recruitment scheme.
www.cybersecuritydive.com
December 12, 2025 at 4:00 PM
React Server Components crisis escalates as security teams respond to compromises: www.cybersecuritydive.com/news/react-s... (by David Jones)
Pro-Russia hacktivists launching attacks that could damage OT: www.cybersecuritydive.com/news/russian... (by @ericjgeller.com)
Pro-Russia hacktivists launching attacks that could damage OT
The U.S. and its allies issued a joint alert warning that defenders should take the hackers seriously, despite the attackers’ pattern of exaggerating their actual impact.
www.cybersecuritydive.com
December 10, 2025 at 5:00 PM
Pro-Russia hacktivists launching attacks that could damage OT: www.cybersecuritydive.com/news/russian... (by @ericjgeller.com)
Majority of global firms plan to boost cyber spending in 2026: www.cybersecuritydive.com/news/global-... (by David Jones)
Majority of global firms plan to boost cyber spending in 2026
A report by Marsh shows companies are also focused on third-party risk mitigation.
www.cybersecuritydive.com
December 9, 2025 at 5:00 PM
Majority of global firms plan to boost cyber spending in 2026: www.cybersecuritydive.com/news/global-... (by David Jones)
Initial access brokers involved in more attacks, including on critical infrastructure: www.cybersecuritydive.com/news/initial... (by @ericjgeller.com)
Initial access brokers involved in more attacks, including on critical infrastructure
A research firm also finds nation-states aligning their cyberattacks more closely with geostrategic goals.
www.cybersecuritydive.com
December 8, 2025 at 10:00 PM
Initial access brokers involved in more attacks, including on critical infrastructure: www.cybersecuritydive.com/news/initial... (by @ericjgeller.com)
Ransomware peaked in 2023 prior to law enforcement actions: www.cybersecuritydive.com/news/ransomw... (by David Jones)
Ransomware peaked in 2023 prior to law enforcement actions
U.S. Treasury report shows drop in threat activity in the wake of aggressive takedown efforts.
www.cybersecuritydive.com
December 8, 2025 at 7:00 PM
Ransomware peaked in 2023 prior to law enforcement actions: www.cybersecuritydive.com/news/ransomw... (by David Jones)
Major drug research company confirms cyberattack compromised employee and partner data: www.cybersecuritydive.com/news/inotiv-... (by @ericjgeller.com)
Major drug research company confirms cyberattack compromised employee and partner data
Indiana-based Inotiv said it was still evaluating the hack’s impact on its business.
www.cybersecuritydive.com
December 8, 2025 at 5:00 PM
Major drug research company confirms cyberattack compromised employee and partner data: www.cybersecuritydive.com/news/inotiv-... (by @ericjgeller.com)
US, allies urge critical infrastructure operators to carefully plan and oversee AI use: www.cybersecuritydive.com/news/ai-crit... (by @ericjgeller.com)
US, allies urge critical infrastructure operators to carefully plan and oversee AI use
New guidance attempts to temper companies’ enthusiasm for the latest exciting technology.
www.cybersecuritydive.com
December 4, 2025 at 8:00 PM
US, allies urge critical infrastructure operators to carefully plan and oversee AI use: www.cybersecuritydive.com/news/ai-crit... (by @ericjgeller.com)
Critical vulnerabilities found in React and Next.js: www.cybersecuritydive.com/news/critica... (by David Jones)
Critical vulnerabilities found in React and Next.js
Researchers warn the flaws can be easily leveraged to achieve full remote code execution.
www.cybersecuritydive.com
December 4, 2025 at 7:00 PM
Critical vulnerabilities found in React and Next.js: www.cybersecuritydive.com/news/critica... (by David Jones)
Lawmakers question White House on strategy for countering AI-fueled hacks: www.cybersecuritydive.com/news/ai-anth... (by @ericjgeller.com)
Lawmakers question White House on strategy for countering AI-fueled hacks
The Trump administration has said little about how it will prevent hackers from abusing AI.
www.cybersecuritydive.com
December 4, 2025 at 4:00 PM
Lawmakers question White House on strategy for countering AI-fueled hacks: www.cybersecuritydive.com/news/ai-anth... (by @ericjgeller.com)
CISA eliminates pay incentives as it changes how it retains top cyber talent: www.cybersecuritydive.com/news/cisa-el... (by @ericjgeller.com)
CISA eliminates pay incentives as it changes how it retains top cyber talent
The agency is scrapping a program that auditors described as poorly managed as it expands another recruitment tool.
www.cybersecuritydive.com
December 3, 2025 at 9:00 PM
CISA eliminates pay incentives as it changes how it retains top cyber talent: www.cybersecuritydive.com/news/cisa-el... (by @ericjgeller.com)
Leading surveillance camera vendor signs CISA’s product-security pledge: www.cybersecuritydive.com/news/surveil... (by @ericjgeller.com)
Leading surveillance camera vendor signs CISA’s product-security pledge
Axis Communications is the first major surveillance camera maker to vow to adhere to CISA’s security guidelines.
www.cybersecuritydive.com
December 3, 2025 at 5:02 PM
Leading surveillance camera vendor signs CISA’s product-security pledge: www.cybersecuritydive.com/news/surveil... (by @ericjgeller.com)
Senators push to renew cyber grant program for state, local governments: www.cybersecuritydive.com/news/state-l... (by @ericjgeller.com)
Senators push to renew cyber grant program for state, local governments
Security experts and local officials say the program is vital to protecting the country.
www.cybersecuritydive.com
December 2, 2025 at 7:00 PM
Senators push to renew cyber grant program for state, local governments: www.cybersecuritydive.com/news/state-l... (by @ericjgeller.com)
Fortinet FortiWeb flaws found in unsupported versions of web application firewall: www.cybersecuritydive.com/news/fortine... (by David Jones)
Fortinet FortiWeb flaws found in unsupported versions of web application firewall
Security researchers raise new concerns after the company previously failed to issue prompt security guidance.
www.cybersecuritydive.com
December 2, 2025 at 6:00 PM
Fortinet FortiWeb flaws found in unsupported versions of web application firewall: www.cybersecuritydive.com/news/fortine... (by David Jones)
Hackers ready threat campaign aimed at Zendesk environments: www.cybersecuritydive.com/news/hackers... (by David Jones)
Hackers ready threat campaign aimed at Zendesk environments
Researchers warn that hackers linked to recent social engineering attacks are targeting customer service environments.
www.cybersecuritydive.com
December 1, 2025 at 5:00 PM
Hackers ready threat campaign aimed at Zendesk environments: www.cybersecuritydive.com/news/hackers... (by David Jones)
European police dismantle cryptocurrency mixer that laundered $1.5 billion for ransomware gangs, other criminals: www.cybersecuritydive.com/news/cryptoc... (by @ericjgeller.com)
European police dismantle cryptocurrency mixer that laundered $1.5 billion for ransomware gangs, other criminals
Authorities have spent years trying to cripple the ecosystem that helps hackers hide their profits.
www.cybersecuritydive.com
December 1, 2025 at 4:00 PM
European police dismantle cryptocurrency mixer that laundered $1.5 billion for ransomware gangs, other criminals: www.cybersecuritydive.com/news/cryptoc... (by @ericjgeller.com)
Thanksgiving holiday weekend kicks off heightened threat environment for security teams: www.cybersecuritydive.com/news/thanksg... (by David Jones)
Thanksgiving holiday weekend kicks off heightened threat environment for security teams
As workers take family time and consumers race for Black Friday discounts, hackers gain an advantage to penetrate vulnerable corporate perimeters.
www.cybersecuritydive.com
November 26, 2025 at 7:00 PM
Thanksgiving holiday weekend kicks off heightened threat environment for security teams: www.cybersecuritydive.com/news/thanksg... (by David Jones)
Gainsight CEO promises transparency as it responds to compromise of Salesforce integration: www.cybersecuritydive.com/news/gainsig... (by David Jones)
Gainsight CEO promises transparency as it responds to compromise of Salesforce integration
The company has been in regular contact with customers, and says only a handful have seen data directly impacted.
www.cybersecuritydive.com
November 26, 2025 at 6:00 PM
Gainsight CEO promises transparency as it responds to compromise of Salesforce integration: www.cybersecuritydive.com/news/gainsig... (by David Jones)
Microsoft tightens cloud login process to prevent common attack: www.cybersecuritydive.com/news/microso... (by @ericjgeller.com)
Microsoft tightens cloud login process to prevent common attack
Hackers have spent decades exploiting a ubiquitous type of vulnerability. Microsoft is trying to change that.
www.cybersecuritydive.com
November 26, 2025 at 5:00 PM
Microsoft tightens cloud login process to prevent common attack: www.cybersecuritydive.com/news/microso... (by @ericjgeller.com)