Security News

Breaking cybersecurity news, vulnerability disclosures, and industry updates.

White House Issues Executive Order on AI Security Standards for Critical Infrastructure

New executive order mandates AI security assessments and red-teaming requirements for AI systems deployed in critical infrastructure sectors.

January 27, 2026 AI securityexecutive ordercritical infrastructure

Ransomware Payments Declined 35% in 2025 as Organizations Improve Resilience

Chainalysis report shows ransomware payments dropped to $650 million in 2025, the lowest since 2020, driven by better backups and law enforcement pressure.

January 22, 2026 ransomwarepaymentsstatistics

Cloudflare Mitigates Record 7.1 Tbps DDoS Attack

The largest distributed denial-of-service attack ever recorded targeted a major financial services firm, demonstrating the escalating scale of volumetric attacks.

January 20, 2026 DDoSCloudflareattack

CISA Expands Known Exploited Vulnerabilities Catalog with AI-Powered Prioritization

CISA launches enhanced KEV catalog with machine learning-based exploit prediction scores to help organizations prioritize patching.

January 18, 2026 CISAKEVvulnerability management

Microsoft Patches Actively Exploited Zero-Day in Windows Kernel

January 2026 Patch Tuesday addresses 89 vulnerabilities including a kernel privilege escalation flaw exploited by state-sponsored actors.

January 14, 2026 Microsoftzero-dayPatch Tuesday

Critical OpenSSL Vulnerability Discovered Affecting Millions of Servers

A newly disclosed OpenSSL flaw allows remote code execution on unpatched systems. Patches are now available for all supported versions.

January 15, 2025 OpenSSLCVEremote code execution

NIST Cybersecurity Framework 2.0 Sees Rapid Enterprise Adoption

Six months after release, over 60% of Fortune 500 companies have begun implementing NIST CSF 2.0's new Govern function.

January 10, 2025 NISTCSF 2.0compliance