CSO Online

Hackers have been exploiting an unpatched Adobe Reader vulnerability for months

Now a security researcher says a Reader hole has been quietly exploited by malware for as long as four months, fingerprinting ...
CSO Online

Cloudflare ‘actively adjusting’ quantum priorities in wake of Google warning

More than half the traffic on Cloudflare is already secure against the threat of harvest-now/decrypt-later using ML-KEM ...
CSO Online

Weak at the seams

We’ve spent billions on security tools, but we’re still falling behind because our systems are too tightly coupled. One tiny ...
CSO Online

Patch windows collapse as time-to-exploit accelerates

AI and the industrialization of cybercrime are helping attackers double the number of high- and critical-severity known ...
CSO Online

New ClickFix variant bypasses Apple safeguards with one‑click script execution

Jamf finds a ClickFix variant that swaps copy-paste Terminal lures for Script Editor execution, tightening delivery of Atomic ...
CSO Online

Hackers exploit a critical Flowise flaw affecting thousands of AI workflows

The design flaw in Flowise’s Custom MCP node has allowed attackers to execute arbitrary JavaScript through unvalidated ...
CSO Online

The tabletop exercise grows up

The tabletop is ready to grow up. Whether your program is ready to grow with it depends less on the technology than on your ...
CSO Online

Yael Nardi joins Minimus as Chief Business Officer to drive hyper-growth

Minimus, a provider of hardened container images and secure container images designed to reduce CVE risk, today announced the ...
CSO Online

Iran‑linked PLC attacks cause real‑world disruption at critical US infra sites

Operational disruptions and financial losses have already been reported, and six federal agencies say the campaign is ongoing ...
CSO Online

Forest Blizzard leverages router compromises to launch AiTM attacks, target Outlook sessions

By altering DNS settings on vulnerable devices, Forest Blizzard redirects users to malicious infrastructure to capture ...
CSO Online

Questions raised about how LinkedIn uses the petabytes of data it collects

A European company selling browser extensions that leverage LinkedIn data is accusing the Microsoft unit of using its data to ...
CSO OnlineOpinion

LLM-generated passwords are indefensible. Your codebase may already prove it

Stop letting AI pick your passwords. They follow predictable patterns instead of being truly random, making them easy for ...