CSO Online

Hardening browser security with zero-trust controls

Modern attacks hit the browser first, so zero trust flips the script — verify identity, check the device and lock down each ...
CSO Online

AI in CI/CD pipelines can be tricked into behaving badly

Malicious content in issues or pull requests can trick AI agents in CI/CD workflows into running privileged commands in an ...
CSO OnlineOpinion

Avoiding the next technical debt: Building AI governance before it breaks

AI is moving fast, but without early guardrails, it’ll cause the same messy debt we faced with cloud and APIs.
CSO Online

Cloudflare firewall reacts badly to React exploit mitigation

That vulnerability, tracked as CVE-2025-55182, enables attackers to remotely execute code on web servers running the React 19 ...
CSO Online

15 years in, zero trust remains elusive — with AI rising to complicate the challenge

Technology rethink urged as enterprises still struggle to achieve the full benefits of zero trust access control.
CSO Online

SpyCloud Data Shows Corporate Users 3x More Likely to Be Targeted by Phishing Than by Malware

Phishing has surged 400% year-over-year, highlighting need for real-time visibility into identity exposures.
CSO Online

AI creates new security risks for OT networks, warns NSA

Although intended for OT administrators, new multi-agency AI guidelines raise issues that apply across IT networks as well.
CSO Online

Coupang breach of 33.7 million accounts allegedly involved engineer insider

South Korea’s worst data breach in over a decade raises concerns about poor authentication key management and a potential ...
CSO Online

Suspicious traffic could be testing CDN evasion, says expert

That’s the conclusion of Johannes Ullrich, dean of research at the SANS Institute, who this week said his organization’s ...
CSO Online

From feeds to flows: Using a unified linkage model to operationalize threat intelligence

Threat intel gets useful when you stop chasing feeds and start mapping flows — ULM shows how attacks actually move, so CISOs ...
CSO Online

Windows shortcuts’ use as a vector for malware may be cut short

A third-party patch management company is cutting short attackers’ use of LNK files to smuggle in malicious commands, while ...
CSO Online

Coach or mentor: What you need depends on where you are as a cyber leader

What a cybersecurity leader or aspiring one may need can vary depending on their experience, their focus whether technical or ...