CSO Online

Oracle’s first monthly patch release fixes 35 flaws, including 11 rated ‘critical’

Oracle has released the first security fixes in its new monthly Critical Security Patch Update (CSPU) cycle, designed to ...
CSO Online

Flowise’s MCP implementation can run ghost commands

A 9.9-severity vulnerability in Flowise’s MCP stdio implementation can allow attackers to achieve remote code execution in ...
CSO Online

6 critical security gaps every CISO must address

From perception to skills to the speed of cyber defense, here are the most common strategic and tactical shortcomings that ...
CSO Online

Press Release: CSO30 ASEAN & Hong Kong Awards 2026 open for nominations

The deadline for nominations: 31 July 2026. Due to the sensitive nature of cybersecurity work, project details will not be ...
CSO Online

Another IT governance headache: AI-enabled sanction evasion

A new report from RUSI focuses on how AI models are enabling regimes such as North Korea and Iran to execute cyber operations ...
CSO Online

GlassWorm falls, but the repo problem is far from solved

CrowdStrike, Google, and the Shadowserver Foundation dismantled the GlassWorm malware operation, but experts say the broader ...
CSO Online

Indian CERT urges firms to contain exploited internet-facing flaws within 12 hours

The cyber agency is pushing aggressive remediation windows, continuous exposure management, and AI governance controls in ...
CSO Online

FastAPI-based AI tools exposed to authentication bypass by flaw in Starlette framework

Researchers who found the bug warn that its Moderate rating understates a threat reaching across LLM gateways, MCP servers ...
CSO Online

Microsoft previews automatic device isolation in Defender for Endpoint

The new capability will be added to the automatic attack disruption tool, however, new research warns that the tool has to be ...
CSO Online

Project Glasswing has uncovered 10,000 vulnerabilities: Anthropic

This means organizations that still treat patching as a quarterly exercise are operating with materially more risk than they ...
CSO OnlineOpinion

The NSA, ‘Mythos’ and the quiet emergence of AI cyber doctrine

The rise of autonomous AI in warfare has shifted cyber conflict from speed to scale, requiring a new doctrine focused on ...
CSO Online

DNS-AID will make AI agents easier to discover, says Linux Foundation

As AI agents become more numerous and more communicative, keeping track of where to find them is becoming increasingly important. Numerous proprietary agent registries are on the market, but the Linux ...