News

CSO Online19m
Over 91% of companies sacrifice hybrid cloud security in the AI adoption rush
New data shows that a surge in AI and hybrid cloud architectures is creating dangerous gaps, and security teams can’t keep up ...
CSO Online1h
Beijing may have breached US government systems before Cityworks plugged a critical flaw
Talos' research revealed that Chinese hackers are actively exploiting the flaw to execute code and attempt persistence on ...
CSO Online6h
Critical infrastructure under attack: Flaws becoming weapon of choice
While phishing and stolen credentials remain frequent points of entry, overexposure and poor patch management of critical ...
CSO Online12h
Russian APT28 compromised Western logistics and IT firms to track aid to Ukraine
The Russian GRU-linked cyberespionage group APT28 has been targeting government agencies and companies from Western countries ...
CSO Online22h
Samlify bug lets attackers bypass single sign-on
Samlify is a library designed to simplify the implementation of SAML 2.0 for Single Sign-On (SSO) and Single Log-Out (SLO) by ...
CSO Online1d
Feds and Microsoft crush Lumma Stealer that stole millions of passwords
Lumma Stealer operation hit 400,000 computers worldwide before coordinated takedown shut down Russian cybercrime kingpin.
CSO Online1d
Top 12 US cities for cybersecurity job and salary growth
These dozen cities stand out as the most promising destinations for cybersecurity professionals due to their strong job ...
CSO Online1d
BadSuccessor: Unpatched Microsoft Active Directory attack enables domain takeover
Unprivileged users with permission to create objects inside an Active Directory organizational unit can abuse the new ...
CSO Online2d
Threat intelligence platform buyer’s guide: Top vendors, selection advice
Threat intelligence platforms have evolved and became essential security defensive tools. Here is what you need to know ...
CSO Online2d
A spoof antivirus makes Windows Defender disable security scans
In a proof-of-concept, a security researcher demonstrated how the Windows Security Center API can be used to block the scans ...
CSO Online1d
GitHub package limit put law firm in security bind
A cautionary tale of how a developer tool limit case could derail cybersecurity protections if not for quick thinking, public ...
CSO Online2d
Critical flaw in OpenPGP.js raises alarms for encrypted email services
The flaw, identified as CVE-2025-47934 and assigned a critical severity rating, was discovered by Edoardo Geraci and Thomas ...