CSO Online

Just 34% of cyber pros plan to stick with their current employer

Career development, workplace flexibility, and security authority becoming key factors in cybersecurity workforce retention, ...
CSO Online

Managing OT risk at scale: Why OT cyber decisions are leadership decisions

Protecting industrial tech isn't just about better tools; it’s about leaders deciding in advance who calls the shots when a ...
CSO Online

Human-centric failures: Why BEC continues to work despite MFA

Hackers don't need to break your MFA if they can just trick your team into sending money, which is why your "unauthorized ...
CSO Online

Bank regulator sounds warning over cybersecurity threat posed by AI models

Frontier AI models inspired by Anthropic’s Claude Mythos could arm attackers with advanced capabilities that the banking ...
CSO Online

‘Trivial’ exploit can give attackers root access to Linux kernel

Experts say until the distros release patches, CSOs have to beware of unauthorized privilege escalation; Kubernetes container ...
CSO Online

ODNI to CISOs on threat assessments: You’re on your own

The 2026 Annual Threat Assessment from the ODNI marks a departure from systemic state-actor tracking, signaling that the ...
CSO Online

Dismantle implicit trust in OT networks, CISA tells critical infrastructure operators

The US Cybersecurity and Infrastructure Security Agency (CISA) has asked owners and operators of operational technology to ...
CSO Online

SAP npm package attack highlights risks in developer tools and CI/CD pipelines

Researchers say the campaign targeted developer credentials and cloud secrets while abusing trusted publishing and AI coding ...
CSO Online

Max-severity RCE flaw found in Google Gemini CLI

Security researchers warn that a vulnerability in the widely used Gemini CLI could allow remote code execution in CI/CD ...
CSO Online

Researchers unearth industrial sabotage malware that predated Stuxnet by 5 years

Targeting high-precision floating-point arithmetic operations in engineering modeling software, Fast16 may now be the ...
CSO Online

Critical GitHub RCE bug exposed millions of repositories

The now‑patched flaw allowed authenticated users to execute arbitrary code via crafted git push requests, affecting ...
CSO OnlineOpinion

Stopping the quiet drift toward excessive agency with re-permissioning

Treating AI agents like "harmless helpers" is a disaster in the making. If you don't audit their access now, your automation ...