CSO Online

Google gets agent-ready for the Mythos age

At Cloud Next ‘26, Google introduced AI-driven security agents, Wiz-powered multicloud protection, and new controls to secure ...
CSO Online

Microsoft taps Anthropic’s Mythos to strengthen secure software development

Microsoft plans to integrate Anthropic’s Mythos AI model into its Security Development Lifecycle, a move that suggests ...
CSO Online

Microsoft issues out-of-band patch for critical security flaw in update to ASP.NET Core

Patching is not enough: applications embedding the insecure library will need to be rebuilt, and affected tokens and cookies ...
CSO Online

Azure SRE Agent flaw lets outsiders silently eavesdrop on enterprise cloud operations

A multi-tenant authentication gap in Microsoft’s AI operations agent exposed live command streams, internal reasoning, and ...
CSO Online

NFC tap-to-pay gets tapped by hackers

Attackers are abusing a modified Android NFC app to steal payment card data and PINs for contactless fraud and ATM cash-outs.
CSO Online

Claude Mythos signals a new era in AI-driven security, finding 271 flaws in Firefox

The AI exposed hundreds of bugs in Mozilla’s web browser, raising hopes around defensive advantage, alongside fears of ...
CSO Online

Riddled with flaws, serial-to-Ethernet converters endanger critical infrastructure

Remote terminal units, PLCs, PoS systems, and bedside patient monitors may be susceptible to remote code execution, ...
CSO Online

Malicious pgserve, automagik developer tools found in npm registry

Fake packages aim to steal data, credentials, and secrets, and to infect every package created using them, in what could be ...
CSO Online

Anthropic bets on EPSS for the coming bug surge

As Anthropic’s Mythos signals a shift to unprecedented machine-speed vulnerability discovery, EPSS is gaining renewed ...
CSO Online

Why identity is the driving force behind digital transformation

Identity isn't just about logging in anymore; it’s the "invisible engine" that helps teams move faster, keeps data secure, ...
CSO Online

Thousands of Apache ActiveMQ instances still unpatched, weeks after an actively exploited hole discovered

Now that an attacker can use an LLM to weaponize a bug the minute it's found, taking 12 days to patch ‘is essentially a ...
CSO Online

Top techniques attackers use to infiltrate your systems today

Popular tool abuse, ClickFix, and identity-based attacks are among the most prevalent techniques bad actors are deploying ...