David DiMolfetta
@ddimolfetta
@NextgovFCW cybersecurity + intelligence reporter. Tips: [email protected] Signal: @ djd.99 BSKY: @ddimolfetta.bsky.social
Celebrating one year with @NextgovFCW and the GovExec team today. Thanks for being here with me, it's a privilege to have this job. Much more work ahead. Cyber and intel folks, you know where to find me: [email protected] or Signal @ djd.99
"[A]t least a dozen Chinese companies participate in the initiative, called the Microsoft Active Protections Program ... After signing a non-disclosure agreement, they receive information about novel patches to vulnerabilities 24 hrs before Microsoft releases them to the public."
Microsoft is investigating whether a leak from its early alert system for cybersecurity companies allowed Chinese hackers to exploit flaws in its SharePoint service before they were patched bloomberg.com/news/articles/…
Heat advisory today as it'll feel like 105-109. We're giving it a 1/10 on the daily digit and hanging out next to the air conditioner. The forecast is hot into next week: washingtonpost.com/weather/2025/0…
An NRO/CIA acquisitions data website appears to have been compromised in connection with ongoing exploitations of Microsoft SharePoint vulnerabilities, the Washington Times reports. washingtontimes.com/news/2025/jul/…
Pentagon not impacted by Microsoft Sharepoint hack, DOD CIO Katie Arrington said at GovExec’s ATO and Cloud Security Summit event Thursday. via our editor-in-chief @Frank_Konkel nextgov.com/cybersecurity/…
Been a rough week for people with same initials for first name and last name. First Ozzy, now Hulk Hogan. Am I next??
Between us @etuckerAP and I have probably read as much as anyone without a security clearance about the 2016 Russia investigation. We look at Gabbard's latest claims and find them unsupported (and in some cases contradicted) by the documents she released: apnews.com/article/gabbar…
Update: DHS spokesperson says “no evidence of data exfiltration at DHS or any of its components at this time.”
Scoop —> DHS impacted in hack of Microsoft SharePoint products. Across the world, Qatari government systems are believed to have been targeted. ⬇️
David DiMolfetta “ ‘Let me be blunt: We are not prepared for a major attack on our critical infrastructure,’ Robert M. Lee, CEO of industrial cybersecurity firm @DragosInc also said in his opening statement.” nextgov.com/cybersecurity/… @NextgovFCW @ddimolfetta @RobertMLee
David DiMolfetta and Frank Konkel: "The #ZeroDayVulnerability — which was first disclosed late Saturday — has been exploited by several Chinese state-aligned groups, according to @Microsoft." nextgov.com/cybersecurity/… @NextgovFCW @Frank_Konkel @ddimolfetta @DHSgov
Confirming @NextgovFCW's reporting here on SharePoint victims: nextgov.com/cybersecurity/… "DHS was impacted and over a dozen other agencies were notified" of compromises, a person familiar with the matter tells me, "as well as several critical infrastructure companies."
Exclusive: The Justice Department told President Trump in May that his name is among many in the Epstein files on.wsj.com/4mcTIKV
WaPo: Pentagon’s independent watchdog received evidence that messages from Defense Secretary Pete Hegseth’s Signal account previewing a U.S. bombing campaign in Yemen derived from a classified email labeled “SECRET/NOFORN” -> washingtonpost.com/national-secur…
Add HHS to the list of agencies compromised by hackers exploiting the Microsoft SharePoint vulnerability. washingtonpost.com/technology/202…
National Nuclear Security Administration breached via exploitation of Microsoft SharePoint, Bloomberg reports, citing one person with knowledge of the matter. No known sensitive or classified info was compromised. bloomberg.com/news/articles/…
