Cybersecurity
Secure by Design is just the start, CISA official says
A program manager for the Cybersecurity and Infrastructure Security Agency said ongoing threat vigilance is needed post-implementation of the agency’s Secure by Design framework.
CISA’s executive director is leaving the agency
Bridget Bean had been with CISA for over three years, during which time she also briefly served as the acting director of the cyber agency.
US agencies assessed Chinese telecom hackers likely hit data center and residential internet providers
Data center giant Digital Realty and mass media titan Comcast were documented as likely victims of the Salt Typhoon cyberespionage group, people familiar say, marking a potentially major expansion of the group’s initial telecom hacking campaign discovered last year.
Trump cyber executive order aims to amend ‘problematic’ parts of Biden, Obama cyber orders
The order strips certain Biden-era cyber directives and looks to orient federal cyber policy around concrete technical measures, including secure software development, quantum-resistant encryption and labeling standards for IoT devices.
DOJ files complaint to get nearly $8 million in stolen funds back from North Korea
The DPRK has long been tracked as a cyber actor that uses worker schemes to steal funds for its missile program and other regime goals.
Lawmakers warn that UK’s Apple backdoor demand ‘sets a dangerous precedent’
Rep. Jamie Raskin, D-Md., ranking member of the House Judiciary Committee, said "forcing companies to circumvent their own encrypted services in the name of security is the beginning of a dangerous slippery slope."
Wrong time for Trump admin to end mobile app security program, cyber lawmaker says
Amid a major Chinese intrusion into U.S. telecoms, New York Republican Rep. Andrew Garbarino says CISA’s Mobile App Vetting program shouldn’t be terminated.
Senate Homeland panel likely to approve Cairncross, Plankey for key cyber positions
Sean Plankey, tapped to lead CISA, did not appear at a Thursday hearing due to reported clearance-related delays, but his name was still added to a list of nominees to be voted on next week.
‘I do not have confidence’ that US infrastructure is cyber-secure, former NSC official says
At the AI Expo for National Competitiveness, Anne Neuberger told audiences that artificial intelligence tools are an enhancement opportunity for U.S. cyber defenses and intelligence collection.
CISA projected to lose a third of its workforce under Trump’s 2026 budget
The White House’s latest spending proposal projects nearly 1,000 jobs will be slashed at the nation’s lead civilian cyber agency. Related cyber and intel programs across government also face funding rollbacks.
Senators urge DHS to reinstate disbanded cyber review board
The board — which was dismissed at the start of the Trump administration — has been viewed as a well-intentioned but imperfect tool for reviewing significant cybersecurity events.
China-linked ‘Silk Typhoon’ hackers accessed Commvault cloud environments, person familiar says
The hacking unit previously infiltrated Treasury Department networks and compromised some of the agency’s most sensitive systems.
Featured eBooks
An 18th-century war power resurfaces in cyber policy talks
An old-world legal concept is seeing renewed interest in the cybersecurity community as a tool to give the private sector more runway to combat hackers, though many agree it’s more metaphor than mandate.
US, international and industry partners topple infrastructure of popular info-stealer malware
The collaborative effort worked to seize the takedown of some 2,300 domains that backed the web infrastructure of Lumma Stealer, sold to help hackers steal passwords and deploy ransomware around the world.
US should rethink current views of Russia’s cyber might, new report says
A think tank paper argues that Moscow’s network of hackers is more fragmented than U.S. officials once believed — a dynamic that may have led to exaggerated expectations of Russia’s cyber capabilities during its 2022 Ukraine invasion.
Industry reps urge Congress to renew backbone cyber information-sharing law
The Cybersecurity Information Sharing Act of 2015, a keystone ordinance that lets the private sector share cyber threat information with legal safeguards, expires in September unless renewed by Congress.
DHS head says she’s alarmed CISA doesn't know more about Salt Typhoon hacks
“The thing that has alarmed me the most about CISA is the lack of information that they have, the lack of solutions that they have, and how they protect our critical infrastructure,” Homeland Security Secretary Kristi Noem told members of the House Homeland Security Committee.
US spy chief fires heads of intelligence body that disputed Trump’s Venezuela gang claims
The National Intelligence Council assessment undercuts claims from President Donald Trump that Tren de Aragua is carrying out an “invasion” overseen by Venezuelan president Nicolás Maduro.
Intel agencies doubled use of US person-tied search terms under disputed spying power last year
The number of U.S. person-linked search terms used by spy agencies under Section 702 of FISA skyrocketed last year. But direct FBI queries of U.S. persons decreased as reforms came into place.
US and Netherlands seize network providers that helped hackers mask activities
The Justice Department and Dutch law enforcement shuttered 5socks and Anyproxy, services with Russian ties that sold proxies to cybercriminals. Lumen provided internet backbone data to the agencies.
