CSO Online

New image-based prompt injection attack targets multimodal AI models

Researchers say the technique can manipulate how vision-language models interpret both images and user prompts.
CSO Online

Microsoft May security patch fails for some due to boot partition size glitch

Consultants see the problem eating away at valuable patch resources because of a lack of Microsoft update hygiene ...
CSO Online

‘Patched’ Windows bug resurfaces 6 years later as working SYSTEM-level exploit

Elevation of privilege flaw in Cloud Filter driver reappears, raising concerns over regression vulnerabilities in Windows.
CSO Online

AI cyberattackers are getting better faster

The difficulty of the cybersecurity defenses AI models can crack is doubling every four months or so — and that time interval ...
CSO OnlineOpinion

Why the best security investment a board can make in 2026 isn’t another tool

Instead of buying yet another security tool that doesn't work, boards need to invest in a clear map of their tech environment ...
CSO Online

AI coding is fueling a secrets-sprawl crisis few CISOs are containing

CISOs should treat secrets sprawl as a governance challenge. This means enforcing clear ownership, adopting short-lived ...
CSO Online

Microsoft’s new AI system finds 16 Windows flaws, including four critical RCEs

Microsoft has unveiled a new AI-driven vulnerability discovery system that identified 16 previously unknown Windows ...
CSO Online

Expired domain leads to supply chain attack on node-ipc npm package

Attackers performed an email takeover attack on a dormant maintainer account and published new node-ipc versions containing ...
CSO Online

Exchange Server zero-day vulnerability can be triggered by opening a malicious email

A newly discovered zero-day vulnerability in Microsoft Exchange Server has experts declaring an emergency and urging CSOs to ...
CSO Online

OpenAI introduces Daybreak cyber platform, takes on Anthropic Mythos

OpenAI’s new cybersecurity platform aims to automate vulnerability detection, patch validation, and secure software ...
CSO Online

Cisco warns of an actively exploited SD-WAN flaw with max severity

The authentication bypass bug (CVE-2026-20182) in Catalyst SD-WAN gives remote attackers admin access, with no workaround ...
CSO Online

Autonomous systems are finally working. Security is next

Security is having its "Waymo moment," moving past endless alerts to autonomous systems that investigate and fix threats ...