Cyber Threats
Exclusive
Trump’s CISA nominee said he left Coast Guard to address GOP hold
Sean Plankey confirmed the intent to Nextgov/FCW and said he’s “prepared to lead the nation’s cyber defense agency to protect the federal civilian networks and our nation’s critical infrastructure from physical and cyber attacks.”
Potential US-built hacking tools obtained by foreign spies and cybercriminals, research says
iVerify has described the activity as the “first known mass iOS attack” campaign of its kind. Google said fragments of the exploit first appeared last February, with ties to an unnamed “customer of a surveillance company.”
Intelligence firms watch for uptick in Iran cyber activity after US, Israel strikes
Analysts say organizations should remain vigilant, though early indications show Iran-linked hackers have overstated their success.
Hackers are exploiting exposed Cisco products, Five Eyes intelligence agencies say
A Cisco threat intelligence report calls the cyberintruders “highly sophisticated” but stops short of naming any affiliation with a foreign nation.
Treasury sanctions Russian firm said to have stolen and sold US cyber tools
The sanctions coincide with an FBI investigation into Peter Williams, a former employee of U.S. defense contractor L3Harris who pleaded guilty to selling cyber exploits to a Russian entity.
Exclusive
Energy Department patched flaws enabling email impersonation in critical minerals system
The vulnerabilities could have let malicious users masquerade as agency officials, potentially misleading researchers, contractors and others.
Senator says AT&T and Verizon blocked release of Salt Typhoon security reports
“AT&T and Verizon apparently intervened” to block a major cyber intelligence firm from sending documentation about the telecom hackers, Sen. Maria Cantwell wrote in a letter.
White House cyber shop is crafting AI security policy framework, top official says
ONCD chief Sean Cairncross also said a bedrock National Cyber Strategy, initially expected last month, is coming “sooner rather than later” without specifying a date.
NIST releases a new draft cybersecurity framework for systems that never stop moving
Sometimes the most important cybersecurity work is not flashy.
Building government resilience in an era of AI-driven cyberattacks
COMMENTARY | As AI reshapes cyber threats, resilience will hinge on speed.
Experts press for large‑scale US offensive cyber operations at House hearing
The U.S. will be “hamstrung” until it fully integrates cyber and computer network matters into its military doctrine, the head of the McCrary Institute for Cyber and Critical Infrastructure said.
Predictions 2026: Three ways government tech will surprise us this year
2026 looks like a year when government technology settles into its next phase of maturity.
Featured eBooks
Chinese hackers targeted email systems of US congressional staff, people familiar say
The incident adds another chapter in a storied history of China’s cyber attempts to nab sensitive data from U.S. government systems.
EEOC experienced security incident involving contractor’s ‘unauthorized’ access, email says
The agency at the center of the Trump administration’s efforts to overhaul U.S. anti-discrimination regulations in workplaces is reviewing the matter with law enforcement.
Analysts watch for heightened cyber, disinformation campaigns following Venezuela raid
Disinformation operations have been spotted, but there are no signs the efforts are being coordinated through a foreign government, one observer told Nextgov/FCW.
UL Solutions withdraws as lead admin for FCC cyber label program amid probe into China ties
It’s not immediately clear who would administer the program, which was launched under Biden to help designate cyber-secure consumer electronic devices.
Microsegmentation: the unsung hero of cybersecurity (and why it should be your top priority)
COMMENTARY | We need to stop treating microsegmentation like an optional upgrade.
Cyber experts pinpoint what to look out for in 2026
Expect significant innovations in AI-driven cyber tools and a closer convergence between cybersecurity and geopolitics, they said.
Senate adjourns without confirming CISA director
Sean Plankey’s nomination faltered as lawmakers ran out the clock after a tumultuous year of workforce reductions. The cyberdefense agency enters the new year without a permanent leader as the White House finalizes a sweeping national cyber strategy.
Three moves that can jumpstart cyber modernization — even wthout a full budget
COMMENTARY | You don’t need a billion-dollar overhaul to modernize cybersecurity. Lou Eichenbaum shares three quick wins and three long-term priorities that agencies can act on, even with limited budgets.
