CSO Online

FBI warns of Kali Oauth stealers

The FBI has warned of the danger from a new wave of phishing attack s generated by a tool called Kali365. It enables cyber ...
CSO Online

Microsoft says it’s making AI ‘safe for work’ in your browser

Microsoft is testing the addition of agentic AI to its corporate browser, Edge for Business. A new version, currently ...
CSO Online

Why your AI strategy stops where the PLC starts: Hard lessons from the OT frontlines

High-tech AI dashboards are just expensive illusions if they ignore the unpatched legacy tech that keeps your entire ...
CSO Online

Google folds CodeMender into agent ecosystem amid push for AI-led AppSec

Expansion beyond autonomous patching reflects growing emphasis on orchestration, governance, and enterprise trust ...
CSO Online

Identity as the primary attack surface: What modern breaches are really exploiting

Hackers aren't breaking through firewalls anymore; they are just logging in with stolen credentials, meaning your identity ...
CSO Online

Microsoft patches two zero-day flaws in Defender

CISA has added the Microsoft Malware Protection Engine and Microsoft Defender Antimalware Platform vulnerabilities to its KEV ...
CSOonline

Critical vulnerability in Cisco Secure Workload rated at maximum severity

A critical vulnerability in the on-premises version of the Cisco Secure Workload security platform could allow a threat actor to obtain the privileges of a site admin, enabling them to compromise ...
CSO Online

Unpatched ChromaDB flaw leaves servers open to remote code execution

The ChromaToast vulnerability can be exploited by forcing the ChromaDB API server to fetch and load maliciously crafted AI ...
CSO Online

Microsoft releases open-source tools to operationalize AI agent safety

Rampart turns red-team findings into repeatable tests; Clarity documents and validates agent design assumptions before code ...
CSO Online

Contractor’s public GitHub account exposed GovCloud and CISA credentials

This kind of exposure happens with alarming frequency,’ said an expert; here’s what CSOs and CIOs should do to protect ...
CSO Online

Drupal admins rushing to patch maximum severity SQL injection vulnerability

Administrators of the Drupal open source content management platform are rushing to install an emergency patch issued today ...
CSO Online

GitHub admits major source code leak after 3,800 internal repositories breached

Microsoft’s GitHub has suffered what appears to be its biggest ever security breach after confirming that attackers ...