
MITRE breached by nation-state threat actor via Ivanti zero-days
MITRE has been breached by attackers via two zero-day vulnerabilities (CVE-2023-46805, CVE-2024-21887) in Ivanti’s Connect Secure VPN devices. The attackers have also …

GSMA releases Mobile Threat Intelligence Framework
GSM Association’s Fraud and Security Group (FASG) has published the first version of a framework for describing, in a structured way, how adversaries attack and use mobile …

Public anxiety mounts over critical infrastructure resilience to cyber attacks
With temporary failures of critical infrastructure on the rise in the recent years, 81% of US residents are worried about how secure critical infrastructure may be, according …

OpenARIA: Open-source edition of the Aviation Risk Identification and Assessment (ARIA)
MITRE now offers an open-source version of its Aviation Risk Identification and Assessment (ARIA) software suite, OpenARIA. This initiative is dedicated to enhancing aviation …

EMB3D Threat Model: Understand threats to embedded devices in critical infrastructure
Critical infrastructure depends on embedded devices across industries such as oil and natural gas, electric, water management, automotive, medical, satellite, autonomous …

Modeling organizations’ defensive mechanisms with MITRE D3FEND
Funded by the National Security Agency, MITRE’s D3FEND framework is helping to provide standardization, specificity, and repeatability needed by cybersecurity engineers. As …

MITRE partners with Microsoft to address generative AI security risks
MITRE and Microsoft have added a data-driven generative AI focus to MITRE ATLAS, a community knowledge base that security professionals, AI developers, and AI operators can …

MITRE ATT&CK v14 released
MITRE has released MITRE ATT&CK v14, the newest iteration of its popular investigation framework / knowledge base of tactics and techniques employed by cyber attackers. …

MITRE ATT&CK project leader on why the framework remains vital for cybersecurity pros
MITRE ATT&CK, a common language for cybersecurity professionals to communicate with each other and better understand real-world adversary behaviors, celebrates its 10th …

MITRE Caldera for OT now available as extension to open-source platform
MITRE Caldera for OT is now publicly available as an extension to the open-source Caldera platform, allowing security teams to run automated adversary emulation exercises that …

MITRE appoints Deborah Youmans as CIO
MITRE has named Deborah Youmans as its new chief information officer (CIO). Youmans will oversee more than 400 IT professionals in MITRE’s Enterprise Computing and Information …

MITRE partners with Robust Intelligence to tackle AI supply chain risks in open-source models
MITRE is collaborating with Robust Intelligence to enhance a free tool to help organizations assess the supply chain risks of publicly available artificial intelligence (AI) …
Featured news
Resources
Don't miss
- Google patches actively exploited Chrome (CVE‑2025‑6554)
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)