CSO Online

CISOs advised to rethink vulnerability management as exploits sharply rise

Surge in vulnerabilities and exploits leaving overloaded security teams with little recourse but to embrace risk-based ...
CSO Online

Government shutdown deepens US cyber risk, exposing networks to threat actors

As Trump’s cyber spending cuts and CISA firings weaken defenses, the latest government shutdown leaves federal networks even ...
CSO Online

CISA 2015 cyber threat info-sharing law lapses amid government shutdown

The expiration of a landmark cybersecurity law strips liability protections for cyber threat information sharing, leaving US ...
CSO Online

Databricks enters the cybersecurity arena with an AI-driven platform

The lakehouse provider aims to unify security data and respond to AI threats faster without replacing existing tools.
CSO Online

Don’t drink or drive, say cyberattackers

Jaguar Land Rover and Japanese brewer Asahi are reeling from cyberattacks as threat actors aim for widespread disruption.
CSO Online

Threat actors could retrieve valid usernames from VMware by exploiting vulnerabilities

CVE-2025-41252, a username enumeration vulnerability, also in NSX. An unauthenticated malicious actor may exploit this ...
CSO Online

Agentic AI in IT security: Where expectations meet reality

Agentic AI is already changing how security operations centers function, handling repeatable tasks and freeing analysts for ...
CSO Online

Chinese hackers breached critical infrastructure globally using enterprise network gear

RedNovember group exploited VPN appliances and firewalls to hit defense contractors, government agencies, and manufacturers ...
CSO Online

Coherence: Insider risk strategy’s new core principle

Control and surveillance have long been the central principles for reducing insider risk. But ensuring organizational ...
CSO Online

XWorm campaign shows a shift toward fileless malware and in-memory evasion tactics

The multi-stage attack uses encrypted shellcode, steganography, and reflective DLL loads to deploy XWorm without leaving ...
CSO Online

CSO30 Awards 2025 celebrate Australia’s top cybersecurity leaders

Australia's leading cybersecurity executives recognised for their leadership and business value at gala ceremony in Sydney.
CSO Online

Trust in MCP takes first in-the-wild hit via squatted Postmark connector

In a newly disclosed supply-chain attack, an npm package “postmark-mcp” was weaponized to stealthily exfiltrate emails, ...