CSO Online

Cybersecurity experts charged with running BlackCat ransomware operation

Two professionals tasked with defending against ransomware attacks allegedly deployed ALPHV malware against US companies, ...
CSO Online

Modern supply-chain attacks and their real-world impact

Supply-chain attacks have evolved considerably in the las two years going from dependency confusion or stolen SSL among ...
CSO Online

New backdoor ‘SesameOp’ abuses OpenAI Assistants API for stealthy C2 operations

Microsoft uncovers a months-long campaign where threat actors used OpenAI’s legitimate API as a covert command-and-control ...
CSO Online

Louvre delayed Windows security updates ahead of burglary

Thieves broke in through a second-floor window, but the museum has had other problems with unsecured Windows too, according ...
CSO Online

Gen AI success requires an AI champions network

To ensure generative AI competency and use becomes pervasive across the enterprise, CISOs and their colleagues must establish ...
CSO Online

Crowdstrike cybersecurity report highlights a spike in physical attacks on privileged users

Will CISOs now have to plan defenses for attackers with guns and knives? Said one consultant: “It is giving new meaning to ...
CSO Online

How crooks use IT to enable cargo theft

In the old days, crooks followed transport trucks and hijacked them. Today they use phishing, vishing and identity theft to find and divert valuable cargo via logistics systems. It’s a challenge for ...
CSO Online

US Appeals Court lowers burden of proof for data breach lawsuits

The 4th Circuit Court has ruled that dark web data publication alone may be damaging — a decision that could raise extortion ...
CSO Online

OpenAI launches Aardvark to detect and patch hidden bugs in code

Currently in private beta, the GPT-5-powered security agent scans, reasons, and patches software like a real researcher, ...
CSO Online

Aembit Introduces Identity and Access Management for Agentic AI

Aembit developed IAM for Agentic AI through collaboration with large businesses, government organizations, and innovative ...
CSO Online

Claude AI vulnerability exposes enterprise data through code interpreter exploit

Security researcher demonstrates how attackers can hijack Anthropic’s file upload API to exfiltrate sensitive information, ...
CSO Online

Chromium flaw crashes Chrome, Edge, Atlas: Researcher publishes exploit after Google’s silence

The vulnerability, dubbed Brash, can crash browsers within seconds by flooding the document.title API, and Google’s silence ...