News

CSO Online43m
Salt Typhoon hacked the US National Guard for 9 months, and accessed networks in every state
Chinese hackers stole network diagrams, credentials, and personnel data in a breach that poses a threat to critical ...
CSO Online5h
7 obsolete security practices that should be terminated immediately
Bad habits can be hard to break. Yet when it comes to security, an outdated practice is not only useless, but potentially ...
CSO Online8h
Google Gemini vulnerability enables hidden phishing attacks
Gemini parses the invisible directive and appends the attacker’s phishing warning to its summary output. If the user follows ...
CSO Online11h
Alert: Nvidia GPUs are vulnerable to Rowhammer attacks
Nvidia has issued a security reminder to application developers, computer manufacturers, and IT leaders that modern memory ...
CSO Online23h
How phishers are weaponizing SVG images in zero-click, evasive campaigns
Seemingly harmless SVGs are packed with malicious JavaScript for a phishing redirect to actor-controlled URLs.
CSO Online1d
AI poisoning and the CISO’s crisis of trust
The CISO’s role has always been to protect the organization from threats it does not yet understand. AI poisoning requires ...
CSO Online1d
How defenders use the dark web
Gathering threat intelligence, finding the perpetrators of cyber attacks and bringing down whole ransomware gangs are some of ...
CSO Online2d
New Grok-4 AI breached within 48 hours using ‘whispered’ jailbreaks
Just days after launch, Elon Musk’s Grok-4 is compromised by researchers using a stealthy blend of Echo Chamber and Crescendo ...
CSO Online1d
8 tough trade-offs every CISO must navigate
Increasing responsibilities and greater need to align with business objectives have security leaders facing greater risks — ...
CSO Online1d
The 10 most common IT security mistakes
In practice, incident response teams repeatedly encounter the same weaknesses. What are they and how can they be resolved?
CSO Online2d
Putting AI-assisted ‘vibe hacking’ to the test
Valuable tools for experienced attackers and researchers, LLMs are not yet capable of creating exploits at a prompt, ...
CSO Online6d
MCP is fueling agentic AI — and introducing new security risks
MCP allows AI agents and chatbots to connect to data sources, tools, and other services, but they pose significant risks for ...