CSO Online

Microsoft releases open-source tools to operationalize AI agent safety

Rampart turns red-team findings into repeatable tests; Clarity documents and validates agent design assumptions before code ...
CSO Online

AI becoming an SOC imperative for curtailing emerging cyber threats

Security experts urge cyber leaders to evolve their operations from reactive monitoring to autonomous, real-time protection.
CSO Online

GitHub admits major source code leak after 3,800 internal repositories breached

Microsoft’s GitHub has suffered what appears to be its biggest ever security breach after confirming that attackers ...
CSO Online

Drupal admins rushing to patch maximum severity SQL injection vulnerability

Administrators of the Drupal open source content management platform are rushing to install an emergency patch issued today ...
CSO Online

Microsoft is working on a patch for ‘YellowKey’ attack on Bitlocker, offers temporary fix

Microsoft says it is considering a patch for a zero-day vulnerability, dubbed YellowKey, that allows attackers with access to ...
CSO Online

Contractor’s public GitHub account exposed GovCloud and CISA credentials

This kind of exposure happens with alarming frequency,’ said an expert; here’s what CSOs and CIOs should do to protect ...
CSO Online

GitHub scales back bug bounties, reminds users security is their responsibility too

The cloud code repository asks security researchers to cut out the AI-generated noise and focus on reporting security ...
CSO Online

SHub Reaper impersonates Apple, Google, and Microsoft in one MacOS attack chain

The latest SHub macOS infostealer variant abandons Terminal-based ClickFix tactics for AppleScript execution, using fake ...
CSO Online

Why some security fixes never reach your vulnerability dashboard

CVE was built to track code flaws with fixes. It’s now being stretched to cover malware and supply chain incidents that don’t ...
CSO Online

Microsoft May security patch fails for some due to boot partition size glitch

Consultants see the problem eating away at valuable patch resources because of a lack of Microsoft update hygiene ...
CSO Online

New image-based prompt injection attack targets multimodal AI models

Researchers say the technique can manipulate how vision-language models interpret both images and user prompts.
CSO Online

AntV data visualization tool the latest to be hit by ongoing npm supply chain attacks

The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, ...