Lawmakers from both parties say CISA cuts have gone too far

Reps. Don Bacon, R-Neb., and James Walkinshaw, D-Va., found rare bipartisan agreement that the agency tasked with defending civilian networks has been diminished at a moment when threats from China and others are growing.

The post Lawmakers from both parties say CISA cuts have gone too far appeared first on CyberScoop.


The readiness paradox: Why a false sense of cyber confidence is becoming a liability

As AI expands the attack surface and alert fatigue grows, cyber exposure management offers a clearer path to understanding where risk truly concentrates and how to reduce it before a crisis hits.


GitHub says internal repositories were taken in poisoned VS Code extension attack

GitHub said late Tuesday that internal repositories were exfiltrated after an employee device was compromised through a poisoned Visual Studio Code extension, an incident that underscores the growing risks facing software development platforms and the ecosystems built around third-party developer tools. The Microsoft-owned company said in posts on X that it detected and contained the […]


Mini Shai-Hulud returns, compromising hundreds of npm packages

Another malware wave is washing through open-source software repos, stealing publishing tokens, installing OS‑level backdoors and persisting in developer tools and CI pipelines.


The Canvas breach proved that prevention is no longer enough

Cybercriminals brought down the most widely used learning platform in North America. The Canvas breach is a blueprint for how SaaS attacks now work — and a warning about how unprepared most organizations still are.


Researchers say AI just broke every benchmark for autonomous cyber capability

Two independent studies found that Anthropic’s Claude Mythos Preview and OpenAI’s GPT-5.5 have outpaced every trend line researchers were tracking. No one is sure if this is a one-time leap or the new normal.


Daybreak is OpenAI’s answer to the AI arms race in cybersecurity

With Daybreak, OpenAI is taking direct aim at Anthropic’s tightly restricted Mythos model, offering a more open — but still carefully gated — path to AI-powered cyber defense.


‘Mini Shai-Hulud’ malware compromises hundreds of open-source packages in sprawling supply-chain attack

The campaign hit major registries and hid behind legitimate-looking release signatures, showing how attackers can weaponize the software update process itself.


AI is separating the companies built to scale from the ones built to sell

Startups are scaling faster, attackers are getting smarter, and investors are getting more selective. The cybersecurity industry is in the middle of a reset.


The missing cybersecurity leader in small business

As AI and quantum threats target the backbone of the American economy, Washington must provide the guidance and incentives necessary for SMBs to access executive-level cyber expertise.
