CISA stories

China-linked Warlock ransomware group exploits SmarterMail flaw for admin takeovers, chaining features to gain full Windows control.

Attackers are abusing Windows screensaver files in a spearphishing campaign to stealthily install remote access tools on business systems.

As hybrid IT sprawl fuels blind spots and AI-driven attacks, experts say only a zero trust, hybrid mesh rethink can secure modern networks.

Over 70% of major retailers and nearly 60% of wholesalers have exposed credentials, leaving shared supply chains ripe for attack.

Major firms are leaving known, actively exploited cyber flaws unpatched for six months or more, sharply heightening breach risks.

Black Hat will premiere Semperis documentary Midnight in the War Room in Las Vegas, spotlighting the human cost of cyber conflict.

NCC Group links Silver Fox’s false-flag malware campaigns to ValleyRAT and uncovers critical PowerG flaws that can fully compromise alarms.

Auto-update turns your firewall into a living defence, slashing patch delays and shutting attackers’ favourite door: unpatched systems.

AI is set to redefine cyber defence in 2026, forcing UK boards and public bodies to swap reactive security for automated, collective resilience.

Global cyber defence group FIRST reports record 2025 growth, topping 820 member teams and expanding technical, training and capacity work.

Cyber attacks on SaaS platforms are soaring, pushing boards to make AI‑driven security a core strategy as misconfigurations fuel mass breaches.

Vantage Markets secures Trend Micro’s Innovation Partnership Award for transforming security and driving real-time threat intelligence sharing.

AI-driven hackers are tipped to ramp up attacks on critical infrastructure and governments by 2026, exploiting ageing industrial systems.

SonicWall’s SonicOS 7.3 and NSM 3.1 harden networks with secure-by-default passwords, auto patching and stronger encrypted management.

Cyber chiefs predict 2026 cyber budgets will pivot from prevention and box-ticking to rapid response, recovery and demonstrable resilience.

AI deployment in critical infrastructure raises cyber security risks as attackers exploit operational technology networks with advanced AI-driven tactics.

U.S. MSPs can support critical infrastructure clients in meeting CIRCIA's 2026 cyber incident reporting rules, ensuring faster detection and compliance readiness.

Many network owners fear AI automation may disrupt vital systems; experts urge human-centred control to ensure safety and trust in AI-driven operations.

QuSecure appoints Garfield Jones as Senior VP to advance quantum-safe security, leveraging his US federal cybersecurity and post-quantum cryptography expertise.

Check Point topped NSS Labs’ 2025 firewall report with a 99.59% security effectiveness score, leading in malware and exploit defence amid rising cyber threats.