CyberScoop | Breaking Cybersecurity News, Public Sector Threats

Microsoft Romania headquarters in City Gate Towers situated in Free Press Square, in Bucharest, Romania. (Getty Images)

CISA, Microsoft warn organizations of high-severity Microsoft Exchange vulnerability

The public disclosure and advisories came late Wednesday during Black Hat, but Microsoft said the timing was coordinated.

By Matt Kapko

SonicWall headquarters — SonicWall’s headquarters in Milpitas, California. (Getty Images)

SonicWall firewalls hit by active mass exploitation of suspected zero-day

Cybercrime

By Matt Kapko

Sean Cairncross, CEO, Millenium Challenge Corporation, speaks onstage during the 2019 Concordia Annual Summit – Day 2 at Grand Hyatt New York on Sept. 24, in New York City. (Photo by Riccardo Savi/Getty Images for Concordia Summit)

New National Cyber Director Cairncross faces challenges on policy, bureaucracy, threats

Government

By Tim Starks

Featured on CyberScoop

BlackSuit, Royal ransomware group hit over 450 US victims before last month’s takedown

By Matt Kapko
Nigerian accused of hacking tax preparation businesses extradited to US

By Matt Kapko
Why identity is the definitive cyber defense for federal agencies

By Daniel Wilbricht
Iranian hackers were more coordinated, aligned during Israel conflict than it seemed

By Tim Starks
Google addresses six vulnerabilities in August’s Android security update

By Matt Kapko

Popular Stories

(Scoop News Group graphic)

A house full of open windows: Why telecoms may never purge their networks of Salt Typhoon

Experts tell CyberScoop that the U.S. telecom system is just too technologically fragmented to gather a clear picture of threats, and too big to ever fully eject…

By Derek B. Johnson

(Graphic by Scoop News Group)

‘Whatever we did was not enough’: How Salt Typhoon slipped through the government’s blind spots

Seven sources tell CyberScoop that a lack of coordination and miscommunication between federal agencies and the telecommunications industry left critical networks exposed to the Chinese hacking group.

By Tim Starks

Briefcase full of U.S. currency. — Briefcase full of U.S. currency. (Getty Images)

Who needs VC funding? How cybercriminals spread their ill-gotten gains to everyday business ventures

The benefits of cybercrime aren't all flashy cars and watches. Sophos X-Ops researchers discovered it also fuels a far-reaching mix of ordinary, sometimes unremarkable businesses.

By Matt Kapko

Donald Trump — (Graphic by Emma Whitehead / Photo: Gage Skidmore)

Trump and others want to ramp up cyber offense, but there’s plenty of doubt about the idea

In recent months, incoming Trump administration national security adviser Mike Waltz and some lawmakers have suggested that in response to Chinese cyber breaches, the United States needs…

By Tim Starks Mark Pomerleau

A major cybersecurity law is expiring soon — and advocates are prepping to push Congress for renewal

By Tim Starks

Who is sending those scammy text messages about unpaid tolls?

By Matt Kapko

What defenders are learning from Black Basta’s leaked chat logs

By Matt Kapko

Despite challenges, the CVE program is a public-private partnership that has shown resilience

By Cynthia Brumfield

Legal barriers complicate justice for spyware victims

By Tim Starks

Insights

Agencies push for digital transformation amid security challenges

By Scoop News Group

Photo illustration of AI and security.

Want to scale cyber defenders? Focus on AI-enabled security and organization-wide training

By Jay Bhalodia

Data-driven decision-making: The power of enhanced event logging

By Casey Kahsen

Operationalizing zero trust: A practical guide for modern federal agencies

By Scoop News Group

Videos

Why blocking cyber threats is no longer enough

By Scoop News Group

To Catch a Thief: China’s Rise to Cyber Supremacy

By Scoop News Group

Red Hat’s Adam Clater on navigating zero trust’s unknowns

By Scoop News Group

Datadog’s Brian Mikkelsen on unifying zero-trust security efforts

By Scoop News Group

Podcasts

What is CISA’s focus moving forward

By CyberScoop Staff

Inside the AI Action Plan with Dreadnode’s Daria Bahrami

By CyberScoop Staff

Unlocking stronger cyber defense through privilege management

By Scoop News Group

NetRise’s Tom Pace on why telecom’s Salt Typhoon problem may never go away

By CyberScoop Staff

The Latest

moolyboo, iStock/Getty Images Plus

AI company Perplexity is sneaking to get around blocks on crawlers, Cloudflare alleges

sarayut Thaneerat, Getty Images

‘Highly evasive’ Vietnamese-speaking hackers stealing data from thousands of victims in 62+ nations

BlackSuit site seizure notice — Seizure notice displayed on BlackSuit’s extortion site. (State Criminal Police Office Lower Saxony, Germany)

Details emerge on BlackSuit ransomware takedown

The money earned by remote North Korean IT workers is funding the North Korean weapons programs. (Getty Images)

CrowdStrike investigated 320 North Korean IT worker cases in the past year

Sean Cairncross, as CEO of the Millenium Challenge Corporation, speaks onstage during the 2019 Concordia Annual Summit in New York City. (Photo by Riccardo Savi/Getty Images for Concordia Summit)

Senate confirms national cyber director pick Sean Cairncross

PHP — (Getty Images)

Cursor’s AI coding agent morphed ‘into local shell’ with one-line prompt attack

Palo Alto Networks headquarters in Silicon Valley; Palo Alto Networks, Inc. is an American multinational cyber security company. (Getty Images)

Social engineering attacks surged this past year, Palo Alto Networks report finds

Members of the Peoples Liberation Army band leave after the closing session of the Chinese People’s Political Consultative Conference, or CPPCC, at the Great Hall of the People on March 10, 2025 in Beijing. (Photo by Kevin Frayer/Getty Images)

China accuses US of exploiting Microsoft zero-day in cyberattack

Cranes are seen at the Port Newark Container Terminal in Newark, N.J. on April 8, 2025. (Photo by CHARLY TRIBALLEAU / AFP)

Feds still trying to crack Volt Typhoon hackers’ intentions, goals

Anton Petrus, via Getty Images

Russia-affiliated Secret Blizzard conducting ongoing espionage against embassies in Moscow

Parts of the IBM Quantum System Two are displayed at IBM Thomas J. Watson Research Center on June 6, 2025 in Yorktown Heights, New York. (Photo by ANGELA WEISS / AFP)

Senate legislation would direct federal agencies to fortify against quantum computing cyber threats

Workers enter a building on the Google headquarters campus on July 23, 2025, in Mountain View, California. — Workers enter a building on the Google headquarters campus on July 23, 2025, in Mountain View, California. (Justin Sullivan/Getty Images)

Project Zero disclosure policy change puts vendors on early notice

WASHINGTON, DC – JUNE 17: U.S. Sen. Alex Padilla (D-CA) walks to the Senate Chambers U.S. Capitol on June 17, 2025 in Washington, DC. Padilla has returned to the U.S. Capitol with a bigger security detail and is set to make a speech on the Senate Floor, where he will discuss his removal from a news conference being held by Homeland Security Secretary Kristi Noem after trying to ask a question. (Photo by Kayla Bartkowski/Getty Images)

Senate Democrats call Trump admin’s focus on state voter rolls a pretext for disenfranchisement

Upcoming Events

Aug 19 2025

Agentic AI Government Summit + Jamfest

Waldorf Astoria, Washington, D.C.

Sep 4 2025

EMERGE: Defend and Disrupt

Waldorf Astoria, Washington, D.C.

Sep 9 2025

AI & Tech for Government: Innovation in Action CA

Hotel Alma, San Diego, CA

Sep 18 2025

FedTalks

Waldorf Astoria, Washington, D.C.

Oct 20 2025

CYBERWEEK

WASHINGTON D.C.