News

CSO Online12h

Storm-0501 debuts a brutal hybrid ransomware attack chain

Storm-0501 is hijacking privileged accounts, deleting backups, and encrypting cloud data in a new hybrid ransomware campaign.
CSO Online10h

Whistleblower: DOGE put Social Security database covering 300 million Americans on insecure cloud

The complaint accuses DOGE of bypassing security protocols to move Americans’ sensitive personal data outside federal ...
CSO Online20h

Only 49% of companies to increase cyber budget after a breach

Increasing security spending after a cyber incident is falling out of fashion, as boards evolve their risk strategies, accept ...
CSO Online21h

5 ways to improve cybersecurity function while spending less

Government cutbacks, defunding of critical public resources, tariffs, and market uncertainty are impacting cybersecurity ...
CSO Online1d

Attackers exploiting NetScaler ADC and Gateway zero day flaw, Citrix warns

Citrix NetScaler ADC and NetScaler Gateway customers have been hit by a new round of zero day vulnerabilities that require ...
CSO Online1d

Anthropic detects the inevitable: genAI-only attacks, no humans involved

One cybersecurity consultant said this highly-expected development may change the attack community as the bad guys start ...
CSO Online1d

Cybersecurity Summit

This focused, one-day event brings together IT executives, CSO editors, and leading solutions experts to explore the latest ...
CSO Online1d

Critical Docker Desktop flaw allows container escape

Missing authentication on the Docker Engine management API for Docker Desktop on Windows and Mac allows attackers to break ...
CSO Online1d

Shadow AI is surging — getting AI adoption right is your best defense

Restricting access only compounds AI’s risks. Establishing a foundation for general-purpose AI experimentation will instead ...
CSO Online1d

Behind the Coinbase breach: Bribery emerges as enterprise threat

Coinbase’s breach shows how bribery schemes — long used for SIM swaps — can be a potent enterprise attack vector. Experts ...
CSO Online2d

LLMs easily exploited using run-on sentences, bad grammar, image scaling

Researchers continue to find vulnerabilities that dupe models into revealing sensitive information, indicating that security ...
CSO Online1d

Attackers steal data from Salesforce instances via compromised AI live chat tool

A threat actor managed to obtain Salesforce OAuth tokens from a third-party integration called Salesloft Drift and used the ...