DarkReading.com reported that “It’s a story we’ve all heard before, yet somehow, we keep living it. Despite years of cybersecurity awareness campaigns, training sessions, and technological advances, the same fundamental security challenges continue to plague organizations worldwide.” The November 20, 2025 article entitled “Same Old Security Problems: Cyber Training Still Fails…

Darkreading.com reported that “Amazon researchers discovered more than 150,000 malicious packages in the NPM registry, in what they called “a defining moment in supply chain security.”” The November 14, 2025 article entitled “150,000 Packages Flood NPM Registry in Token Farming Campaign” (https://www.darkreading.com/application-security/150000-packages-flood-npm-registry-token-farming) included these comments:

The packages were…

DarkReading.com reported that “Attackers are pouncing on financially strapped US government agencies and furloughed employees. And the effects of this period might be felt for a long time hereafter.” The October 24, 2025 article entitled “Shutdown Sparks 85% Increase in US Government Cyberattacks” (https://www.darkreading.com/cybersecurity-operations/shutdown-increase-us-government-cyberattacks) included these comments:

The Media Trust found that the most targeted agency during this shutdown, by far, has been the Department of Veterans Affairs (VA). In second place — again, some distance from third — is the Department of Justice (DoJ). The chart below shows the volume of attacks that reached each agency in the first week of October.

Though the VA and DoJ might sound like an arbitrary duo, there may well be some hidden logic underneath.

When a government shutdown happens, employees fall into two buckets. Many are furloughed — sent home and barred from even checking their government email inbox. Some are deemed “essential,” though, and they have to keep working.

Essential workers are just as unpaid, stressed, and vulnerable, yet they still have to walk into their workplace everyday. Miller points out how, especially in these cases, “you’re going to have morale issues. And then with this minimal staffing, you’re creating a higher burden on the personnel who are there having to do probably additional work,” meaning cyber threats are more likely to slip through.

Because so many of them perform crucial medical and benefits work, 96.8% of employees at the VA are still going into work Monday through Friday. Similarly, 90% of DoJ employees are considered essential.

The White House has advised that, during the shutdown, “generally, agency cybersecurity functions are excepted as these functions are necessary to avoid imminent threat to Federal property,” but agencies have discretion in how they interpret this guideline. And with two-thirds of the Cybersecurity and Infrastructure Security Agency (CISA) sitting at home, agencies already lack the support they’re used to at a time when they’re at greatest risk.

Are you surprised?

First published at https://www.vogelitlaw.com/blog/85-increase-in-us-government-cyberattacks-blamed-on-shutdown…
Continue Reading 85% increase in US Government Cyberattacks blamed on shutdown!

CSOonline.com reported that “Enterprises have long relied on firewalls, routers, VPN servers, and email gateways to protect their networks from attacks. Increasingly, however, these network edge devices are becoming security liabilities themselves.” The October 20, 2025 entitled “Network security devices endanger orgs with ’90s era flaws” (https://www.csoonline.com/article/4074945/network-security-devices-endanger-orgs-with-90s-era-flaws.html) included…