Software vulnerabilities pile up at government agencies, research finds

A Veracode report reveals that government networks have accumulated years of unresolved security flaws, putting them at serious risk of exploitation.

By David Jones • June 12, 2025

Trump scraps Biden software security, AI, post-quantum encryption efforts in new executive order

The White House accused the Biden administration of trying to “sneak problematic and distracting issues into cybersecurity policy.” 

By Eric Geller • June 6, 2025

Trump’s national cyber director nominee dodges criticism of funding cuts

Sean Cairncross said his managerial experience has prepared him well to lead a relatively new White House cyber unit.

By Eric Geller • June 5, 2025

Water utilities mitigate equipment flaws after researchers find widespread exposures

Censys researchers said hundreds of water treatment facilities have taken steps to protect against malicious cyber intrusions.

By David Jones • June 5, 2025

FBI, CISA warn Play ransomware targeting critical infrastructure with evolving techniques

The hacker group has breached hundreds of organizations and is working with others to exploit flaws in a popular remote support tool.

By David Jones • June 5, 2025

Banking groups urge SEC to rescind Biden-era cybersecurity rule

The rule has exposed companies to liability risks while failing to provide investors with “decision-useful” information, the coalition said in a recent letter.

By Alexei Alexis • June 5, 2025

Bipartisan bill proposes $50M cyber threat analysis program for energy sector

“Our national security depends on a resilient and secure energy grid,” said Sen. John Hickenlooper, D-Colo. Experts say the new effort would be welcomed by the private sector.

By Robert Walton • June 5, 2025

CISA workforce cut by nearly one-third so far

The agency has lost roughly 1,000 staffers in the wake of the Trump administration’s workforce cuts, losses that could imperil its ability to protect government computer systems and critical infrastructure.

By Eric Geller • June 4, 2025

Trump’s cyber nominees gain broad industry support

CISA director and national cyber director nominees could transform how the federal government engages with the private sector on cybersecurity issues.

By Eric Geller • Updated June 3, 2025

Trump’s CISA budget lays out deep job cuts, program reductions

Critical infrastructure organizations and small businesses would get less support under the president’s fiscal 2026 funding plan.

By Eric Geller • Updated June 2, 2025

Senate Democrats urge DHS to reconstitute CSRB

The lawmakers said the Cyber Safety Review Board’s work has made government agencies and private businesses more secure.

By Eric Geller • May 30, 2025

CISA loses nearly all top officials as purge continues

Most of the leaders of the agency’s operating divisions and regional offices have left or will leave this month amid the Trump administration’s aggressive government-downsizing campaign.

By Eric Geller • May 27, 2025

High-profile CISA departure adds to agency’s struggles

The Trump administration’s workforce purge is sapping CISA of its best talent, experts say. CISA deputy Matt Hartman is the latest to leave the agency.

By Eric Geller • May 20, 2025

Major tech vendors call for streamlining US foreign cyber aid

A new coalition will push policymakers to change how the government oversees foreign purchases of U.S. cyber resources.

By Eric Geller • Updated May 21, 2025

Researchers warn of China-backed espionage campaign targeting laid-off US workers

A report by FDD says an elaborate online recruiting effort is using LinkedIn and fake online companies to gather sensitive intelligence.

By David Jones • May 20, 2025

AI is stirring mixed feelings among CFOs, survey finds

The research highlights a “trust gap between the untested promise of AI and the wariness of security and privacy risks,” finance software company Kyriba said.

By Alexei Alexis • May 19, 2025

Hearing shows broad support for extension of cyber info-sharing law

With bipartisan support and backing from the private sector, the 2015 law appears to be on a glide path to reauthorization.

By Eric Geller • May 16, 2025

FBI warns senior US officials are being impersonated using texts, AI-based voice cloning

Hackers are increasingly using vishing and smishing for state-backed espionage campaigns and major ransomware attacks.

By David Jones • May 16, 2025

GOP lawmakers urge ban of networking vendor TP-Link, citing ties to China

The Trump administration is facing mounting pressure to formulate a strategy for addressing supply-chain threats that endanger national security.

By Eric Geller • May 15, 2025

Congress faces pressure to renew cyber information-sharing law

The law’s expiration in September could jeopardize a wide range of information-sharing partnerships that have helped catch and thwart cyberattacks in the U.S.

By Eric Geller • May 14, 2025

Defense contractors get a head start on CMMC audits

Software investments, infrastructure upgrades and compliance documentation topped the list of Cybersecurity Maturity Model Certification implementation costs, a new survey shows.

By Eric Geller • May 12, 2025

NIST loses key cyber experts in standards and research

The head of the agency’s Computer Security Division and roughly a dozen of his subordinates took the Trump administration’s retirement offers, placing key programs at risk.

By Eric Geller • May 6, 2025

DOD plans to fast-track software security reviews

The Pentagon will lay out new security requirements and approval processes for the software it purchases.

By Eric Geller • May 5, 2025

UK authorities warn of retail-sector risks following cyberattack spree

Three major retail brands, including Harrods and M&S, have been targeted in recent weeks.

By David Jones • May 5, 2025

Access reviews can be fixed - here’s how

Drowning in spreadsheets for access reviews? There’s a smarter solution.

May 5, 2025