government

Six metrics policymakers need to track cyber resilience
Most countries are still making national cyber policy decisions without reliable numbers. Regulations often focus on incident reporting after damage is done, but they fail to …

North Korea’s IT workers are targeting firms beyond tech, crypto, and the U.S.
North Korea’s clandestine IT Worker (ITW) program, which is long known for targeting U.S. technology firms and crypto firms, has broadened its scope to attempt to infiltrate a …

Too many Cisco ASA firewalls still unsecure despite zero-day attack alerts
Despite Cisco and various cybersecurity agencies warning about attackers actively exploting zero-day vulnerabilities (CVE-2025-20333 and CVE-2025-20362) in Cisco Adaptive …

CISA says it will fill the gap as federal funding for MS-ISAC dries up
The cooperative agreement between the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the not-for-profit Center for Internet Security is ending today, the …

Cisco ASA zero-day vulnerabilities exploited in sophisticated attacks
A widespread campaign aimed at breaching organizations via zero-day vulnerabilities in Cisco Adaptive Security Appliances (ASA) has been revealed by the US, UK, Canadian and …

The fight to lock down drones and their supply chains
Drones have already shown their impact in military operations, and their influence is spreading across the agricultural and industrial sectors. Given their technological …

U.S. Secret Service takes down network of devices threatening government officials
The U.S. Secret Service has broken up a network of electronic devices spread across the New York tristate area that officials say posed an imminent threat to national …

CISA looks to partners to shore up the future of the CVE Program
The US Cybersecurity and Infrastructure Security Agency (CISA) has affirmed its continuing support for the Common Vulnerabilities and Exposures (CVE) program. “If we …

Deepfakes are rewriting the rules of geopolitics
Deception and media manipulation have always been part of warfare, but AI has taken them to a new level. Entrust reports that deepfakes were created every five minutes in …

Local governments struggle to defend critical infrastructure as threats grow
A small-town water system, a county hospital, and a local school district may not seem like front-line targets in global conflict, but they are. These organizations face daily …

Commvault plugs holes in backup suite that allow remote code execution
Commvault has fixed four security vulnerabilities that may allow unauthenticated attackers to compromise on-premises deployments of its flagship backup and replication suite. …

For $40, you can buy stolen police and government email accounts
Active police and government email accounts are being sold on the dark web for as little as $40, giving cybercriminals a direct line into systems and services that rely on …
Featured news
Resources
Don't miss
- Apple offers $2 million for zero-click exploit chains
- Attackers are exploiting Gladinet CentreStack, Triofox vulnerability with no patch (CVE-2025-11371)
- October 2025 Patch Tuesday forecast: The end of a decade with Microsoft
- From theory to training: Lessons in making NICE usable
- Securing agentic AI with intent-based permissions