CSO Online

Researchers warn of long‑running FortiSIEM root exploit vector as new CVE emerges

The latest phMonitor vulnerability continues a multiyear pattern of unauthenticated command‑injection flaws in Fortinet’s ...
CSO Online

Ransomware gangs extort victims by citing compliance violations

Ransomware attacks remain among the most common attack methods. As recent analyses show, cyber gangs are increasingly ...
CSO Online

From typos to takeovers: Inside the industrialization of npm supply chain attacks

A dramatic spike in npm-focused intrusions shows how attackers have shifted from opportunistic typosquatting to systematic, ...
CSO Online

Output from vibe coding tools prone to critical security flaws, study finds

The assessment, which it conducted in December 2025, compared five of the best-known vibe coding tools — Claude Code, OpenAI ...
CSO Online

Iran’s partial internet shutdown may be a windfall for cybersecurity intel

With only government agencies allowed internet access, the signal to noise ratio in that country is flipped, which could ...
CSO Online

US cybersecurity weakened by congressional delays despite Plankey renomination

Sean Plankey’s renomination as CISA director offers some relief, but stalled legislation on cyber threat information sharing ...
CSO Online

Sophisticated VoidLink malware framework targets Linux cloud servers

Check Point researchers have discovered a modular malware framework likely designed by Chinese developers to harvest ...
CSO OnlineOpinion

Cybersecurity at the state and local level: Washington has the framework, it’s time to act

Washington finally set up the rules and money for state and local cybersecurity — now the real risk is waiting too long to ...
CSO Online

CrowdStrike to add browser security to Falcon with Seraphic acquisition

As generative AI reshapes browser usage, the acquisition will bring in-session browser security to the Falcon platform.
CSO Online

SpyCloud Launches Supply Chain Solution to Combat Rising Third-Party Identity Threats

Supply Chain Threat Protection addresses a critical gap in enterprise security: the inability to maintain real-time awareness ...
CSO Online

January 2026 Microsoft Patch Tuesday: Actively exploited zero day needs attention

Eight critical vulnerabilities and an actively exploited zero day highlight Microsoft’s first Patch Tuesday announcements for ...
CSO Online

Cybersecurity risk will accelerate this year, fueled in part by AI, says World Economic Forum

Its annual cybersecurity outlook says cyber resilience is key to lowering that risk, with AI the most significant driver of ...