News

CSO Online2h
Phishing campaign abuses Cloudflare Tunnels to sneak malware past firewalls
The last option is to get Cloudflare itself to block the abuse. That might be successful as long as the company conducts ...
CSO Online7h
North Korea’s BlueNoroff uses AI deepfakes to push Mac malware in fake Zoom calls
In a sophisticated new campaign, executives are being tricked into installing malware via AI-generated video calls with ...
CSO Online17h
Asana’s MCP AI connector could have exposed corporate data, CSOs warned
CSOs with Asana’s Model Context Protocol (MCP) server in their environment should scour their logs and metadata for data ...
CSO Online9h
Third-party risk management is broken — but not beyond repair
TPRM today prioritizes fear of penalty over pursuit of real security. By investing in a comprehensive, targeted approach, ...
CSO Online20h
5 security secrets of elite defenders
Elite defenders strive for complete visibility into all network traffic. They recognize that modern attackers rarely reach ...
CSO Online1d
GitHub Actions attack renders even security-aware orgs vulnerable
Many open-source repositories contain privileged GitHub Actions workflows that execute untrusted code and can be triggered by ...
CSO Online1d
WormGPT returns: New malicious AI variants built on Grok and Mixtral uncovered
Cybercriminals are hijacking mainstream LLM APIs like Grok and Mixtral with jailbreak prompts to relaunch WormGPT as potent ...
CSO Online1d
The highest-paying jobs in cybersecurity today
According to a recent survey by IANS and Artico Search, risk/GRC specialists, along with security architects, analysts, and ...
CSO Online2d
Security, risk and compliance in the world of AI agents
Customer support. AI is being used to analyze conversation history, past purchases and intent in real time. It personalizes ...
CSO Online2d
Phishing goes prime time: Hackers use trusted sites to hijack search rankings
Through the underground Hacklink platform, attackers exploit .gov and .edu domains to boost fraudulent pages to the top of ...
CSO Online2d
Operation 999: Ransomware tabletop tests cyber execs’ response
CSO took part as a media advisor in a tabletop exercise that put CISOs and senior security leaders against one another in a ...
CSO Online2d
Malicious PyPI package targets Chimera users to steal AWS tokens, CI/CD secrets
Chimera-sandbox-extensions” exploit highlights rising risks of open-source package abuse, prompting calls for stricter ...