News

CSO Online1d

VoidProxy phishing-as-a-service operation steals Microsoft, Google login credentials

If a victim is unwise enough to enter their primary Microsoft or Google credentials on the phishing page, the data is sent to ...
CSO Online1d

VMScape Spectre BTI attack breaks VM isolation on AMD and Intel CPUs

The Spectre-like CPU branch target injection (BTI) breaks the guest-host layer in virtualized environments, introducing a new ...
CSO Online2d

12 digital forensics certifications to accelerate your cyber career

As cyberattacks grow more complex, digital forensics certs can equip professionals with the skills and credibility to ...
CSO Online1d

2025 CSO Hall of Fame: Laura Deaner on AI, quantum threats, and cyber leadership

Today’s security leaders should focus on continuous learning and strengthening defenses against evolving cyber threats.
CSO Online1d

How Wesco cut through the noise and reimagined risk management

The supply chain solutions provider used data consolidation and AI to turn overwhelming security alerts into clear priorities ...
CSO Online3d

AI prompt injection gets real — with macros the latest hidden threat

Attackers are evolving their malware delivery tactics by weaponing malicious prompts embedded in document macros to hack AI ...
CSO Online4dOpinion

What the Salesloft Drift breaches reveal about 4th-party risk

Turns out your biggest breach risk might come from a vendor’s acquisition — and an old OAuth token you didn’t even know ...
CSO Online5d

5 ways CISOs are experimenting with AI

From executive podcasts to AI-driven threat hunting, CISOs are cautiously testing how AI can support security operations and ...
CSO Online1d

Stealthy AsyncRAT flees the disk for a fileless infection

Attackers are abusing legitimate remote access tools and lightweight scripts to deliver AsyncRAT entirely in memory, ...
CSO Online2d

Microsoft under fire: Senator demands FTC investigation into ‘arsonist selling firefighting services’

US Senator Ron Wyden has called for accountability after healthcare ransomware attacks exposed Windows vulnerabilities that ...
CSO Online2d

Docker malware breaks in through exposed APIs, then changes the locks

The new variant of Docker-targeting malware skips cryptomining in favor of persistence, backdoors, and even blocking rivals ...
CSO Online5d

When AI nukes your database: The dark side of vibe coding

As developers lean on Copilot and GhostWriter, experts warn of insecure defaults, hallucinated dependencies, and attacks that ...