News

CSO Online1d
Novel malware from Russia’s APT28 prompts LLMs to create malicious Windows commands
Recent attacks by the state-run cyberespionage group against Ukrainian government targets included malware capable of ...
CSO Online1d
Threat actors scanning for apps incorporating vulnerable Spring Boot tool
GreyNoise said over 2,000 IP addresses have scanned for Spring Boot Actuator endpoints in the past 90 days. Of them, 1,582 ...
CSO Online4d
7 obsolete security practices that should be terminated immediately
Bad habits can be hard to break. Yet when it comes to security, an outdated practice is not only useless, but potentially ...
CSO Online3d
How AI is changing the GRC strategy
CISOs find themselves at a pinch-point needing to manage AI risks while supporting organizational innovation. The way forward ...
CSO Online2d
Clément Domingo: “We are not using AI correctly to defend ourselves”
Cybercrime is evolving into a sophisticated, business-like ecosystem, with criminal groups operating like legitimate ...
CSO Online2d
Ransomware actors target patched SonicWall SMA devices with rootkit
A hacker group connected to data theft, extortion, and ransomware is targeting SonicWall SMA 100 series appliances with a ...
CSO Online3d
Salt Typhoon hacked the US National Guard for 9 months, and accessed networks in every state
Chinese hackers stole network diagrams, credentials, and personnel data in a breach that poses a threat to critical ...
CSO Online5d
8 tough trade-offs every CISO must navigate
Increasing responsibilities and greater need to align with business objectives have security leaders facing greater risks — ...
CSO Online6d
Putting AI-assisted ‘vibe hacking’ to the test
Valuable tools for experienced attackers and researchers, LLMs are not yet capable of creating exploits at a prompt, ...
CSO Online9d
Anatomy of a Scattered Spider attack: A growing ransomware threat evolves
The cybercriminal group has broadened its attack scope across several new industries, bringing valid credentials to bear on ...
CSO Online10d
MCP is fueling agentic AI — and introducing new security risks
MCP allows AI agents and chatbots to connect to data sources, tools, and other services, but they pose significant risks for ...
CSO Online3d
One click to compromise: Oracle Cloud Code Editor flaw exposed users to RCE
A critical vulnerability in OCI’s Code Editor exposed enterprise environments to RCE and privilege escalation risks, ...