Achieve Federal-Grade M365 Security: Governing with Qualys SSPM and SCuBA
Qualys SaaS Security Posture Management (SSPM) introduces native support for the Secure Cloud Business Applications (SCuBA) compliance framework, bringing CI...
Government
20 articles
Sandworm Hackers Shift From IT Breaches to Critical OT Targets
A new wave of cyber activity linked to the notorious Sandworm group is raising fresh alarms across global critical infrastructure. Security researchers warn ...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-20182 Cisco Cat...
AI cyber capability is speeding past earlier projections
AI cyber capability is improving faster than expected, with newer models surpassing earlier projections, according to the UK government’s AI Security Institu...
Fired employee sought AI help to hide deletion of hosting firm’s customer data
The apparent revenge deletion of US federal databases after the dismissal of twin brothers from an online hosting company is another reminder to IT and HR le...
UK moves to shield security researchers in cybercrime law overhaul
The proposed reforms, outlined in briefing documents published alongside the King’s Speech opening a new parliamentary session, would update the Computer Mis...
Government to Scrutinize Instructure Over Canvas Disruption, Data Breach
The Committee on Homeland Security has requested to be briefed on the incident and Instructure’s remediation steps. The post Government to Scrutinize Instruc...
How Rapid7 is bringing Cyber GRC closer to security operations
Sabeen Malik is VP, Global Government Affairs and Public Policy at Rapid7. ⠀ Security teams need a better way to connect what they detect, what they fix, and...
What is Cyber GRC? How Rapid7 is bringing compliance closer to security operations
Sabeen Malik is VP, Global Government Affairs and Public Policy at Rapid7. ⠀ Security teams need a better way to connect what they detect, what they fix, and...
Virginia man found guilty of destroying government databases after being fired
The incident occurred on February 18, 2025, shortly after Sohaib Akhter and his twin brother, Muneeb Akhter, were fired by their employer, a company that ser...
Federal agencies ordered to patch Ivanti EPMM zero-day in 3 days
The actively exploited flaw enables remote admin users to execute arbitrary code.
Virginia man found guilty of deleting 96 government databases
A Virginia man was convicted on federal charges Thursday after a jury found him guilty of deleting 96 government databases and stealing an individual’s passw...
Sen. Schumer seeks DHS plan on AI cyber coordination with state, local governments
The Senate’s top Democrat is worried about smaller government entities being left behind as AI models advance hacking risks. The post Sen.
CISA gives feds four days to patch Ivanti flaw exploited as zero-day
CISA has given U.S.
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-42208 BerriAI L...
Helping North Korean IT remote workers is becoming a fast track to prison
Two U.S.
Former govt contractor convicted for wiping dozens of federal databases
A 34-year-old Virginia man was found guilty of conspiring to destroy dozens of government databases after getting fired from his job as a federal contractor. [.
Iranian government hackers using Chaos ransomware as cover, researchers say
Incident responders from cybersecurity firm Rapid7 published a report about a recent intrusion that initially appeared to be a Chaos ransomware attack but wa...
CISA Issues Warning Over Palo Alto PAN-OS Flaw Enabling Root-Level Access
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a newly identified, severe vulnerability within Palo Alto ...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-6973 Ivanti End...