Threat actors are increasingly exploiting resurgent vulnerabilities—older CVEs that re-emerge years after disclosure—due to their ease of weaponization and lack of monitoring.

According to a report from Shadowserver, the majority of exploitation attempts originate from IP addresses in Asia, with a small number coming from Europe and North America.

A startling majority — 82% — of K-12 schools experienced a cyber incident between July 2023 and December 2024, according to a report released Thursday by the nonprofit Center for Internet Security.

President Trump has named Sean Plankey to become the director of the CISA. Plankey previously held key roles at the Department of Energy and National Security Council during the first Trump administration.

A massive botnet comprising more than 30,000 hacked security cameras and network video recorders is being used to launch DDoS attacks against telecom providers and gaming platforms, as per researchers from Nokia Deepfield and GreyNoise.

State and local communities are facing a rise in cyber threats from nation-state-linked and criminal threat groups, which in many cases are looking to undermine confidence in public institutions, according to a report by the MS-ISAC.

Karen Evans, who first joined CISA in January as a senior adviser, will be responsible for leading the agency’s cybersecurity efforts as the national coordinator for critical infrastructure security and resilience.

GreyNoise researchers observed active exploitation of two Cisco vulnerabilities, CVE-2018-0171 and CVE-2023-20198, which reportedly have been used in recent attacks by the Chinese nation-state threat group known as Salt Typhoon.

Horizon3.ai researchers on Wednesday released technical details and a proof-of-concept (PoC) exploit for four critical Ivanti vulnerabilities that were first disclosed and patched last month.

In 75% of the ransomware incidents Huntress observed in 2024, threat actors used remote access Trojans (RATs), while 17.3% of attacks featured abused of remote monitoring and management tools like ConnectWise ScreenConnect, TeamViewer and LogMeIn.