CSO Online | Security at the speed of business [Unofficial]

@csoonline.com.web.brid.gy

CSO delivers the critical information about trends, practices, and products enterprise security leaders need to defend against criminal cyberattacks and other threats. 🌉 bridged from 🌐 https://csoonline.com/: https://fed.brid.gy/web/csoonline.com

19 followers0 following573 stories

Longform Stories

Check Point warns of ransomware-linked attacks exploiting outdated VPN protocol

1d ago·3 min read·580 words

Security shifts to the human layer as AI scams surge

1d ago·4 min read·709 words

AI worm prototype shows attackers don’t need Mythos to take over your network

1d ago·8 min read·1533 words

Meet Hades: The malware that lies to AI security agents

1d ago·5 min read·912 words

OpenAI’s Lockdown Mode is trying to solve the problem that it created

1d ago·8 min read·1481 words

Attackers exploiting unpatched Cisco SD-WAN flaw

1d ago·2 min read·397 words

Protocol Buffers schemas expose remote code execution risk

2d ago·3 min read·589 words

Why most enterprise security teams would fail a military readiness test

2d ago·7 min read·1251 words

Ukraine’s foreign minister offer recipe for improved resilience

2d ago·4 min read·719 words

Microsoft identifies seven new ways AI agents can be hacked

4d ago·2 min read·325 words

Patching fast and slow: Ruby devs delay to defend against supply chain attack

4d ago·2 min read·253 words

Malware could drain your fuel tank as well as your bank account

5d ago·2 min read·246 words

Claude Code has an MCP security problem — and your developers are already using it

5d ago·7 min read·1250 words

AI tools becoming hot commodities on ransomware marketplaces

5d ago·4 min read·739 words

US government report slams NIST for NVD backlog

5d ago·8 min read·1405 words

HTTP/2’s speed abused to slow webserver performance in DoS attack

5d ago·3 min read·522 words

OpenAI responds to White House executive order on AI governance

5d ago·5 min read·824 words

Hugging Face Transformers RCE flaw enables stealthy compromise via AI model configs

6d ago·6 min read·1179 words

Beware the ‘son of Mythos,’ security experts warn

6d ago·4 min read·618 words

Hole in GitHub’s browser-based VSCode editor could lead to stolen token

6d ago·6 min read·1178 words

Enterprise Spotlight: Rethinking cloud strategy in the age of AI

6d ago·1 min read·87 words

Microsoft wants to put AI agents on a short leash

Jun 3·4 min read·672 words

AI may finally unlock the cyber budgets CISOs have wanted for years

Jun 3·7 min read·1394 words

Lessons from the Canvas cyberattack

Jun 3·8 min read·1487 words

Anthropic grants Project Glasswing access to 150 more companies, with a focus on critical infrastructure

Jun 3·6 min read·1150 words

Two-year old Oracle WebLogic Server vulnerability is being exploited

Jun 2·5 min read·921 words

HP Poly VoIP vulnerability sets the stage for executive voice deepfakes

Jun 2·4 min read·704 words

Trump revives parts of canceled AI order with cybersecurity-focused directive

Jun 2·7 min read·1356 words

Infected Red Hat npm packages expose developer credentials

Jun 2·4 min read·610 words

Attackers exploit Palo Alto GlobalProtect flaw days after disclosure

Jun 2·5 min read·831 words

Attack targeting OpenAI Codex users exposes AI software supply chain risks

Jun 2·3 min read·569 words

7 tabletop exercise mistakes that sabotage incident response

Jun 2·7 min read·1392 words

Oracle’s first monthly patch release fixes 35 flaws, including 11 rated ‘critical’

Jun 1·3 min read·489 words

Flowise’s MCP implementation can run ghost commands

Jun 1·3 min read·557 words

6 critical security gaps every CISO must address

Jun 1·8 min read·1566 words

Press Release: CSO30 ASEAN & Hong Kong Awards 2026 open for nominations

Jun 1·3 min read·551 words

Russia-aligned crime group Greyvibe extensively uses AI in attacks

May 30·4 min read·665 words

Microsoft and security researcher’s dueling posts about cybersecurity disclosures get nasty

May 29·6 min read·1189 words

DNS-AID will make AI agents easier to discover, says Linux Foundation

May 29·2 min read·247 words

Certifiably random: Swiss researchers claim perfect random number source

May 29·2 min read·270 words

Notepad++ vulnerabilities could enable arbitrary code execution on Windows systems

May 29·4 min read·648 words

The Gentlemen are coming for your files, and then your network

May 29·4 min read·623 words

Cybersecurity trends in SEC filings

May 29·11 min read·2004 words

GDPR set the tone for regulatory action — and the AI fine pushback to come

May 29·6 min read·1013 words

IBM and Red Hat want to become the ‘security clearinghouse’ for open source applications in the enterprise

May 29·6 min read·1020 words

Lack of response to critical vulnerability in Gogs is a reminder of the limits of open source projects

May 29·5 min read·875 words

Indian CERT urges firms to contain exploited internet-facing flaws within 12 hours

May 28·4 min read·746 words

GlassWorm falls, but the repo problem is far from solved

May 28·4 min read·707 words

The AI governance imperative you can’t afford to ignore

May 28·7 min read·1225 words

What the industrialization of exploitation means for defenders

May 28·7 min read·1234 words

Employees are unknowingly inviting tech support impersonators into firms, says FBI

May 28·8 min read·1456 words

Another IT governance headache: AI-enabled sanction evasion

May 27·6 min read·1114 words

AI models more vulnerable than claimed when faced with iterative attacks

May 27·5 min read·866 words

FastAPI-based AI tools exposed to authentication bypass by flaw in Starlette framework

May 27·4 min read·751 words

The NSA, ‘Mythos’ and the quiet emergence of AI cyber doctrine

May 27·9 min read·1658 words

DSPM buyer’s guide: Top 10 data security posture management tools

May 27·14 min read·2743 words

Microsoft previews automatic device isolation in Defender for Endpoint

May 27·7 min read·1212 words

GitHub Actions abused by Megalodon attack to slip malicious commits into 5,500 repos

May 26·3 min read·520 words

TrapDoor malware campaign puts developer workstations in CISO spotlight

May 26·4 min read·690 words

Stop treating AI governance as a review layer. Make it release infrastructure

May 26·7 min read·1320 words

Vulnerabilities have become cyber attackers’ No. 1 door to the enterprise

May 26·7 min read·1213 words

Security experts caution MFA alone can no longer stop threat actors

May 26·7 min read·1283 words

Project Glasswing has uncovered 10,000 vulnerabilities: Anthropic

May 26·7 min read·1250 words

AI security needs a shift from models to systems, researchers argue

May 25·5 min read·837 words

As AI speeds coding, CVE Lite CLI keeps security deliberately AI-free

May 25·5 min read·944 words

To pay, or not to pay: 58% of CISOs say they would pay the ransom for their data

May 25·3 min read·600 words

Google leaks details for Chromium bug that can turn browsers into bots

May 23·3 min read·575 words

FBI warns of Kali Oauth stealers

May 22·2 min read·235 words

Police take down VPN service (this time with a good reason)

May 22·2 min read·273 words

Microsoft says it’s making AI ‘safe for work’ in your browser

May 22·2 min read·239 words

Why your AI strategy stops where the PLC starts: Hard lessons from the OT frontlines

May 22·7 min read·1239 words

Identity as the primary attack surface: What modern breaches are really exploiting

May 22·7 min read·1312 words

Google folds CodeMender into agent ecosystem amid push for AI-led AppSec

May 22·4 min read·670 words

Critical vulnerability in Cisco Secure Workload rated at maximum severity

May 21·4 min read·601 words

Microsoft patches two zero-day flaws in Defender

May 21·2 min read·376 words

Unpatched ChromaDB flaw leaves servers open to remote code execution

May 21·4 min read·763 words

Microsoft releases open-source tools to operationalize AI agent safety

May 21·3 min read·544 words

AI becoming an SOC imperative for curtailing emerging cyber threats

May 21·5 min read·828 words

Microsoft is working on a patch for ‘YellowKey’ attack on Bitlocker, offers temporary fix

May 21·3 min read·571 words

Drupal admins rushing to patch maximum severity SQL injection vulnerability

May 20·4 min read·694 words

GitHub admits major source code leak after 3,800 internal repositories breached

May 20·4 min read·626 words

SHub Reaper impersonates Apple, Google, and Microsoft in one MacOS attack chain

May 20·4 min read·686 words

Why some security fixes never reach your vulnerability dashboard

May 20·8 min read·1509 words

Microsoft disrupts malware code-signing service used by ransomware gangs

May 20·3 min read·551 words

Contractor’s public GitHub account exposed GovCloud and CISA credentials

May 19·6 min read·1003 words

AntV data visualization tool the latest to be hit by ongoing npm supply chain attacks

May 19·4 min read·646 words

GitHub scales back bug bounties, reminds users security is their responsibility too

May 19·4 min read·795 words

Internet Explorer may be dead, but its ghost still runs malware

May 19·3 min read·560 words

7 tips for accelerating cyber incident recovery

May 19·7 min read·1252 words

Microsoft May security patch fails for some due to boot partition size glitch

May 18·4 min read·730 words

AI cyberattackers are getting better faster

May 18·4 min read·782 words

New image-based prompt injection attack targets multimodal AI models

May 18·5 min read·810 words

‘Patched’ Windows bug resurfaces 6 years later as working SYSTEM-level exploit

May 18·4 min read·786 words

Why the best security investment a board can make in 2026 isn’t another tool

May 18·7 min read·1337 words

AI coding is fueling a secrets-sprawl crisis few CISOs are containing

May 18·8 min read·1410 words

Expired domain leads to supply chain attack on node-ipc npm package

May 15·5 min read·969 words

Exchange Server zero-day vulnerability can be triggered by opening a malicious email

May 15·5 min read·917 words

Cisco warns of an actively exploited SD-WAN flaw with max severity

May 15·3 min read·534 words

Autonomous systems are finally working. Security is next

May 15·6 min read·1027 words

EU’s Cyber Resiliency Act will put IT leaders to the test

May 15·8 min read·1502 words

The economics of ransomware 3.0

May 15·8 min read·1500 words

AI agent finds 18-year-old remote code execution flaw in Nginx

May 14·4 min read·708 words

Meet Fragnesia, the third Linux kernel vulnerability in a month

May 14·3 min read·580 words

FlowerStorm phishing gang adopts virtual-machine obfuscation to evade email defenses

May 14·4 min read·749 words

PraisonAI vulnerability gets scanned within 4 hours of disclosure

May 14·3 min read·524 words

What CISOs need to land a board role

May 14·7 min read·1270 words

Fired employee sought AI help to hide deletion of hosting firm’s customer data

May 13·1 min read·13 words

Fortinet fixes two critical RCE flaws in FortiAuthenticator and FortiSandbox

May 13·1 min read·10 words

What happens when China’s AI catches up to Mythos?

May 13·1 min read·9 words

Microsoft’s new AI system finds 16 Windows flaws, including four critical RCEs

May 13·1 min read·12 words

Palo Alto bets on identity security for autonomous AI with Idira launch

May 13·1 min read·12 words

ClickFix finds a backup plan in PySoxy proxy chains

May 13·1 min read·9 words

CISA’s AI SBOM guidance pushes software supply-chain oversight into new territory

May 13·1 min read·11 words

2026 CSO Award winners showcase business-enabling cyber innovation

May 13·1 min read·8 words

Google entdeckt erstmals KI-basierten Zero-Day-Exploit

May 13·1 min read·5 words

May Patch Tuesday roundup: Critical holes in Windows Netlogon, DNS, and SAP S/4HANA

May 13·1 min read·13 words

Mistral AI SDK, TanStack Router hit in npm software supply chain attack

May 12·1 min read·12 words

OpenAI introduces Daybreak cyber platform, takes on Anthropic Mythos

May 12·1 min read·9 words

Fake Claude Code takes the IElevator to your browser secrets

May 12·1 min read·10 words

cPanel flaw exposes enterprises to hosting supply-chain risks

May 12·1 min read·8 words

Developer workstations are the new beachhead

May 12·1 min read·6 words

CISOs step into the AI spotlight

May 12·1 min read·6 words

Why patching SLAs should be the floor, not the strategy

May 12·1 min read·10 words

Linux kernel maintainers suggest a ‘kill switch’ to protect systems until a zero-day vulnerability is patched

May 12·1 min read·16 words

Entries now open for the 2026 CSO30 Australia Awards

May 11·1 min read·9 words

Lyrie.ai Joins First Batch of Anthropic’s Cyber Verification Program

May 11·1 min read·9 words

Google discovers weaponized zero-day exploits created with AI

May 11·1 min read·8 words

Malicious Hugging Face model masquerading as OpenAI release hits 244K downloads

May 11·1 min read·11 words

New ‘Dirty Frag’ exploit targets Linux kernel for root access

May 11·1 min read·10 words

AI security is repeating endpoint security’s biggest mistake

May 11·1 min read·8 words

8 guiding principles for reskilling the SOC for agentic AI

May 11·1 min read·10 words

1,800+ MCP servers exposed without authentication: How zero trust can secure the AI agent revolution

May 11·1 min read·15 words

Five new holes, one exploited, found in Ivanti Endpoint Manager Mobile

May 8·1 min read·11 words

Claude in Chrome is taking orders from the wrong extensions

May 8·1 min read·10 words

Your CTEM program is probably ignoring MCP. Here’s how to fix it

May 8·1 min read·12 words

Pen tests show AI security flaws far more severe than legacy software bugs

May 8·1 min read·13 words

Your refresh plan has a CVE blind spot

May 8·1 min read·8 words

Palo Alto Networks firewall flaw has been exploited for several weeks

May 8·1 min read·11 words

Become a millionaire by bug hunting on Android

May 8·1 min read·8 words

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

May 8·1 min read·12 words

Ollama vulnerability highlights danger of AI frameworks with unrestricted access

May 7·1 min read·10 words

LinkedIn illegally blocking free accounts from seeing ‘who’s viewed your profile’ data, group alleges

May 7·1 min read·14 words

Bots in translation: Can AI really fix SIEM rule sprawl across vendors?

May 7·1 min read·12 words

CISOs: Align cyber risk communication with boardroom psychology

May 7·1 min read·8 words

US government agency to safety test frontier AI models before release

May 7·1 min read·11 words

Iranian state-backed spies pose as ransomware slingers in false flag attacks

May 6·1 min read·11 words

New malware turns Linux systems into P2P attack networks

May 6·1 min read·9 words

Poisoned truth: The quiet security threat inside enterprise AI

May 6·1 min read·9 words

Train like you fight: Why cyber operations teams need no-notice drills

May 6·1 min read·11 words

Supply-chain attacks take aim at your AI coding agents

May 5·1 min read·9 words

Edge browser leaves passwords exposed in plain text, says researcher

May 5·1 min read·10 words

CISA mulls new three-day remediation deadline for critical flaws

May 5·1 min read·9 words

CISA pushes critical infrastructure operators to prepare to work in isolation

May 5·1 min read·11 words

Oracle will patch more often to counter AI cybersecurity threat

May 5·1 min read·10 words

AI finds 20-year-old bugs in PostgreSQL and MariaDB

May 5·1 min read·8 words

Stealthy malware abuses Microsoft Phone Link to siphon SMS OTPs from enterprise PCs

May 5·1 min read·13 words

CISOs step up to the security workforce challenge

May 5·1 min read·8 words

Anthropic Mythos spurs White House to weigh pre-release reviews for high-risk AI models

May 5·1 min read·13 words

Security agencies draw red lines around agentic AI deployments

May 4·1 min read·9 words

The fake IT worker problem CISOs can’t ignore

May 4·1 min read·8 words

How CISOs should utilize data security posture management to inform risk

May 4·1 min read·11 words

AI agents can bypass guardrails and put credentials at risk, Okta study finds

May 1·1 min read·13 words

Windows shell spoofing vulnerability puts sensitive data at risk

May 1·1 min read·9 words

Human-centric failures: Why BEC continues to work despite MFA

May 1·1 min read·9 words

Just 34% of cyber pros plan to stick with their current employer

May 1·1 min read·12 words

Enterprise Spotlight: Transforming software development with AI

May 1·1 min read·7 words

Managing OT risk at scale: Why OT cyber decisions are leadership decisions

May 1·1 min read·12 words

‘Trivial’ exploit can give attackers root access to Linux kernel

May 1·1 min read·10 words

Bank regulator sounds warning over cybersecurity threat posed by AI models

Apr 30·1 min read·11 words

Dismantle implicit trust in OT networks, CISA tells critical infrastructure operators

Apr 30·1 min read·11 words

Max-severity RCE flaw found in Google Gemini CLI

Apr 30·1 min read·8 words

SAP npm package attack highlights risks in developer tools and CI/CD pipelines

Apr 30·1 min read·12 words

Stopping the quiet drift toward excessive agency with re-permissioning

Apr 30·1 min read·9 words

ODNI to CISOs on threat assessments: You’re on your own

Apr 30·1 min read·10 words

Researchers unearth industrial sabotage malware that predated Stuxnet by 5 years

Apr 30·1 min read·11 words

Critical GitHub RCE bug exposed millions of repositories

Apr 29·1 min read·8 words

AWS leans on prior ingenuity to face future AI and quantum threats

Apr 29·1 min read·12 words

Critical Cursor bug could turn routine Git into RCE

Apr 28·1 min read·9 words

Securing RAG pipelines in enterprise SaaS

Apr 28·1 min read·6 words

What CISOs need to get right as identity enters the agentic era

Apr 28·1 min read·12 words

Stopping AiTM attacks: The defenses that actually work after authentication succeeds

Apr 28·1 min read·11 words

Infected Cisco firewalls need cold start to clear persistent Firestarter backdoor

Apr 28·1 min read·11 words

Microsoft patched an ‘agent-only’ role that was not

Apr 27·1 min read·8 words

AI is reshaping DevSecOps to bring security closer to the code

Apr 27·1 min read·11 words

The ‘manager of agents’: How AI evolves the SOC analyst role

Apr 27·1 min read·11 words

New US House privacy bills raise hard questions about enterprise data collection

Apr 24·1 min read·12 words

Scattered Spider co-conspirator pleads guilty

Apr 24·1 min read·5 words

CISA last in line for access to Anthropic Mythos

Apr 24·1 min read·9 words

Bitwarden CLI password manager trojanized in supply chain attack

Apr 23·1 min read·9 words

3 practical ways AI threat detection improves enterprise cyber resilience

Apr 23·1 min read·10 words

The curious case of Sean Plankey’s derailed CISA nomination

Apr 23·1 min read·9 words

Offer customers passkeys by default, UK’s NCSC tells enterprises

Apr 23·1 min read·9 words

Google drafts AI agents secure systems against AI hackers

Apr 23·1 min read·9 words

Microsoft taps Anthropic’s Mythos to strengthen secure software development

Apr 23·1 min read·9 words

Riddled with flaws, serial-to-Ethernet converters endanger critical infrastructure

Apr 23·1 min read·8 words

Claude Mythos signals a new era in AI-driven security, finding 271 flaws in Firefox

Apr 23·1 min read·14 words

Malicious pgserve, automagik developer tools found in npm registry

Apr 23·1 min read·9 words

Microsoft issues out-of-band patch for critical security flaw in update to ASP.NET Core

Apr 22·1 min read·13 words

NFC tap-to-pay gets tapped by hackers

Apr 22·1 min read·6 words

Anthropic bets on EPSS for the coming bug surge

Apr 22·1 min read·9 words

Thousands of Apache ActiveMQ instances still unpatched, weeks after an actively exploited hole discovered

Apr 21·1 min read·14 words

Azure SRE Agent flaw lets outsiders silently eavesdrop on enterprise cloud operations

Apr 21·1 min read·12 words

Prompt injection turned Google’s Antigravity file search into RCE

Apr 21·1 min read·9 words

Why identity is the driving force behind digital transformation

Apr 21·1 min read·9 words

Top techniques attackers use to infiltrate your systems today

Apr 21·1 min read·9 words

The thin gray line: Handala, CyberAv3ngers and Iran’s proxy ops

Apr 21·1 min read·10 words

Attackers abuse Microsoft Teams to impersonate the IT helpdesk in a new enterprise intrusion playbook

Apr 20·1 min read·15 words

Hackers exploit Vercel’s trust in AI integration

Apr 20·1 min read·7 words

CISOs reshape their roles as business risk strategists

Apr 20·1 min read·8 words

Copilot & Agentforce offen für Prompt-Injection-Tricks

Apr 20·1 min read·6 words

Claude Mythos – ist der Hype gerechtfertigt?

Apr 20·1 min read·7 words

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

Apr 17·1 min read·10 words

Flawed Cisco update threatens to stop APs from getting further patches

Apr 17·1 min read·11 words

White House moves to give federal agencies access to Anthropic’s Claude Mythos

Apr 17·1 min read·12 words

Another Microsoft Defender privilege escalation bug emerges days after patch

Apr 17·1 min read·10 words

Palo Alto’s Helmut Reisinger sees a cyber sea change ahead as AI advances

Apr 17·1 min read·13 words

Cisco Webex SSO flaw needs manual certificate update to fix

Apr 16·1 min read·10 words

RCE by design: MCP architectural choice haunts AI agent ecosystem

Apr 16·1 min read·10 words

NIST cuts down CVE analysis amid vulnerability overload

Apr 16·1 min read·8 words

Microsoft’s Windows Recall still allows silent data extraction

Apr 16·1 min read·8 words

Behind the Mythos hype, Glasswing has just one confirmed CVE

Apr 16·1 min read·10 words

Insurance carriers quietly back away from covering AI outputs

Apr 16·1 min read·9 words

The endless CISO reporting line debate — and what it says about cybersecurity leadership

Apr 16·1 min read·14 words

Critical nginx UI tool vulnerability opens web servers to full compromise

Apr 15·1 min read·11 words

Copilot and Agentforce fall to form-based prompt injection tricks

Apr 15·1 min read·9 words

The deepfake dilemma: From financial fraud to reputational crisis

Apr 15·1 min read·9 words

7 biggest healthcare security threats

Apr 15·1 min read·5 words

The need for a board-level definition of cyber resilience

Apr 15·1 min read·9 words

Mallory Launches AI-Native Threat Intelligence Platform, Turning Global Threat Data Into Prioritized Action

Apr 15·1 min read·13 words

Curity looks to reinvent IAM with runtime authorization for AI agents

Apr 15·1 min read·11 words

April Patch Tuesday roundup: Zero day vulnerabilities and critical bugs

Apr 15·1 min read·10 words

4 questions to ask before outsourcing MDR

Apr 14·1 min read·7 words

5 trends defining the future of AI-powered cybersecurity

Apr 14·1 min read·8 words

EU regulators largely denied access to Anthropic Mythos

Apr 14·1 min read·8 words

China-linked cloud credential heist runs on typos and SMTP

Apr 14·1 min read·9 words

How AI is transforming threat detection

Apr 14·1 min read·6 words

The AI inflection point: What security leaders must do now

Apr 14·1 min read·10 words

Cyber-Inspekteur: Hybride Attacken nehmen weiter zu

Apr 14·1 min read·6 words

Anthropic’s Mythos signals a structural cybersecurity shift

Apr 13·1 min read·7 words

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

Apr 13·1 min read·12 words

Seven IBM WebSphere Liberty flaws can be chained into full takeover

Apr 13·1 min read·11 words

CISOs tackle the AI visibility gap

Apr 13·1 min read·6 words

Google adds end-to-end Gmail encryption to Android, iOS devices for enterprises

Apr 10·1 min read·11 words

Old Docker authorization bypass pops up despite previous patch

Apr 10·1 min read·9 words

Hacker Unknown now known, named on Europol’s most-wanted list

Apr 10·1 min read·9 words

Hungarian government email passwords exposed ahead of election

Apr 10·1 min read·8 words

Claude uncovers a 13‑year‑old ActiveMQ RCE bug within minutes

Apr 10·1 min read·9 words

Why most zero-trust architectures fail at the traffic layer

Apr 10·1 min read·9 words

The cyber winners and losers in Trump’s 2027 budget

Apr 10·1 min read·9 words

CMMC compliance in the age of AI

Apr 10·1 min read·7 words

Hackers have been exploiting an unpatched Adobe Reader vulnerability for months

Apr 9·1 min read·11 words

Cloudflare ‘actively adjusting’ quantum priorities in wake of Google warning

Apr 9·1 min read·10 words

Weak at the seams

Apr 9·1 min read·4 words

Weak at the seams

Apr 9·1 min read·4 words

New ClickFix variant bypasses Apple safeguards with one‑click script execution

Apr 9·1 min read·10 words

Patch windows collapse as time-to-exploit accelerates

Apr 9·1 min read·6 words

Questions raised about how LinkedIn uses the petabytes of data it collects

Apr 9·1 min read·12 words

Arelion employs NETSCOUT Arbor DDoS protection products

Apr 8·1 min read·7 words

6 Winter 2026 G2 Leader Badges prove this DDoS protection stands out

Apr 8·1 min read·12 words

How botnet-driven DDoS attacks evolved in 2H 2025

Apr 8·1 min read·8 words

Yael Nardi joins Minimus as Chief Business Officer to drive hyper-growth

Apr 8·1 min read·11 words

Hackers exploit a critical Flowise flaw affecting thousands of AI workflows

Apr 8·1 min read·11 words

Iran‑linked PLC attacks cause real‑world disruption at critical US infra sites

Apr 8·1 min read·11 words

LLM-generated passwords are indefensible. Your codebase may already prove it

Apr 8·1 min read·10 words

Forest Blizzard leverages router compromises to launch AiTM attacks, target Outlook sessions

Apr 8·1 min read·12 words

The zero-day timeline just collapsed. Here’s what security leaders do next

Apr 8·1 min read·11 words

Microsoft’s new Agent Governance Toolkit targets top OWASP risks for AI agents

Apr 8·1 min read·12 words

The tabletop exercise grows up

Apr 8·1 min read·5 words

What Anthropic Glasswing reveals about the future of vulnerability discovery

Apr 7·1 min read·10 words

Fortinet releases emergency hotfix for FortiClient EMS zero-day flaw

Apr 7·1 min read·9 words

5 practical steps to strengthen attack resilience with attack surface management

Apr 7·1 min read·11 words

5 steps to strengthen supply chain security and improve cyber resilience

Apr 7·1 min read·11 words

5 ways to strengthen identity security and improve attack resilience

Apr 7·1 min read·10 words

Zero‑click Grafana AI attack can enable enterprise data exfiltration

Apr 7·1 min read·9 words

Microsoft says Medusa-linked Storm-1175 is speeding ransomware attacks

Apr 7·1 min read·8 words

Supply chain security is now a board-level issue: Here’s what CSOs need to know

Apr 7·1 min read·14 words

The rise of proactive cyber: Why defense is no longer enough

Apr 7·1 min read·11 words

North Korean hackers abuse LNKs and GitHub repos in ongoing campaign

Apr 6·1 min read·11 words

Authentication is broken: Here’s how security leaders can actually fix it

Apr 6·1 min read·11 words

6 ways attackers abuse AI services to hack your business

Apr 6·1 min read·10 words

Escaping the COTS trap

Apr 6·1 min read·4 words

Security lapse lets researchers view React2Shell hackers’ dashboard

Apr 3·1 min read·8 words

A core infrastructure engineer pleads guilty to federal charges in insider attack

Apr 3·1 min read·12 words

Google patches fourth Chrome zero-day so far this year

Apr 3·1 min read·9 words

Internet Bug Bounty program hits pause on payouts

Apr 3·1 min read·8 words

Claude Code is still vulnerable to an attack Anthropic has already fixed

Apr 3·1 min read·12 words

CERT-EU blames Trivy supply chain attack for Europa.eu data breach

Apr 3·1 min read·10 words

12 cyber industry trends revealed at RSAC 2026

Apr 3·1 min read·8 words

Cloudflare’s new CMS is not a WordPress killer, it’s a WordPress alternative

Apr 3·1 min read·12 words

Cisco fixes critical IMC auth bypass present in many products

Apr 2·1 min read·10 words

EvilTokens abuses Microsoft device code flow for account takeovers

Apr 2·1 min read·9 words

Cybersecurity in the age of instant software

Apr 2·1 min read·7 words

Vim and GNU Emacs: Claude Code helpfully found zero-day exploits for both

Apr 1·1 min read·12 words

WhatsApp malware campaign uses malicious VBS files to gain persistent access

Apr 1·1 min read·11 words

Hacker zielen auf Exilportal Iranwire

Apr 1·1 min read·5 words

Security awareness is not a control: Rethinking human risk in enterprise security

Apr 1·1 min read·12 words

9 ways CISOs can combat AI hallucinations

Apr 1·1 min read·7 words

Im Fokus: IT-Leadership

Apr 1·1 min read·3 words

Anthropic employee error exposes Claude Code source

Apr 1·1 min read·7 words

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

Mar 31·1 min read·11 words

5-month-old F5 BIG-IP DoS bug becomes critical RCE exploited in the wild

Mar 31·1 min read·12 words

OpenAI patches twin leaks as Codex slips and ChatGPT spills

Mar 31·1 min read·10 words

8 ways to bolster your security posture on the cheap

Mar 31·1 min read·10 words

The external pressures redefining cybersecurity risk

Mar 31·1 min read·6 words

6 key takeaways from RSA Conference 2026

Mar 31·1 min read·7 words

Fahndung nach Cyberkriminellen – 130 Firmen attackiert

Mar 31·1 min read·7 words

Fortinet hit by another exploited cybersecurity flaw

Mar 30·1 min read·7 words

LangChain path traversal bug adds to input validation woes in AI pipelines

Mar 30·1 min read·12 words

Leak reveals Anthropic’s ‘Mythos,’ a powerful AI model aimed at cybersecurity use cases

Mar 30·1 min read·13 words

APIs are the new perimeter: Here’s how CISOs are securing them

Mar 30·1 min read·11 words

Why Kubernetes controllers are the perfect backdoor

Mar 30·1 min read·7 words

European Commission data stolen in a cyberattack on the infrastructure hosting its web sites

Mar 27·1 min read·14 words

Lloyds Bank reveals how IT bug exposed transaction data

Mar 27·1 min read·9 words

Attackers exploit critical Langflow RCE within hours as CISA sounds alarm

Mar 27·1 min read·11 words

Cyberangriff auf die Linke

Mar 27·1 min read·4 words

8 steps CISOs can take to empower their teams

Mar 27·1 min read·9 words

Google: The quantum apocalypse is coming sooner than we thought

Mar 27·1 min read·10 words

The CISO’s guide to responding to shadow AI

Mar 26·1 min read·8 words

Databricks pitches Lakewatch as a cheaper SIEM — but is it really?

Mar 26·1 min read·12 words

GitHub phishers use fake OpenClaw tokens to drain crypto wallets

Mar 26·1 min read·10 words

New critical Citrix NetScaler hole of similar severity to CitrixBleed2, says expert

Mar 25·1 min read·12 words

Chained vulnerabilities in Cisco Catalyst switches could induce denial-of-service

Mar 25·1 min read·9 words

Trivy supply chain breach compromises over 1,000 SaaS environments, Lapsus$ joins the extortion wave

Mar 25·1 min read·14 words

PyPI warns developers after LiteLLM malware found stealing cloud and CI/CD credentials

Mar 25·1 min read·12 words

6 key trends reshaping the IAM market

Mar 25·1 min read·7 words

AI is breaking traditional security models — Here’s where they fail first

Mar 25·1 min read·12 words

DDoS-Angriffe haben sich verdoppelt

Mar 24·1 min read·4 words

HP launches TPM Guard to help defeat physical TPM attacks

Mar 24·1 min read·10 words

New ‘StoatWaffle’ malware auto‑executes attacks on developers

Mar 24·1 min read·7 words

Autonomous AI adoption is on the rise, but it’s risky

Mar 24·1 min read·10 words

Streamline physical security to enable data center growth in the era of AI

Mar 24·1 min read·13 words

Why CISOs should embrace AI honeypots

Mar 24·1 min read·6 words

Palo Alto updates security platform to discover AI agents

Mar 24·1 min read·9 words

Faster attacks and ‘recovery denial’ ransomware reshape threat landscape

Mar 23·1 min read·9 words

Chrome ABE bypass discovered: New VoidStealer malware steals passwords and cookies

Mar 23·1 min read·11 words

Behavioral XDR and threat intel nab North Korean fake IT worker within 10 days of hire

Mar 23·1 min read·16 words

Why US companies must be ready for quantum by 2030: A practical roadmap

Mar 23·1 min read·13 words

The insider threat rises again

Mar 23·1 min read·5 words

Trivy vulnerability scanner backdoored with credential stealer in supply chain attack

Mar 21·1 min read·11 words

Are nations ready to be the cybersecurity insurers of last resort?

Mar 21·1 min read·11 words

Water utilities strengthen cybersecurity through cooperation

Mar 20·1 min read·6 words

Stop using AI to submit bug reports, says Google

Mar 20·1 min read·9 words

DDoS-Attacken: Schlag gegen internationale Cyberkriminelle

Mar 20·1 min read·5 words

The espionage reality: Your infrastructure is already in the collection path

Mar 20·1 min read·11 words

CISA urges IT to harden endpoint management systems after cyberattack by pro-Iranian group

Mar 19·1 min read·13 words

That cheap KVM device could expose your network to remote compromise

Mar 19·1 min read·11 words

Ransomware group exploited Cisco firewall vulnerability as a zero day, weeks before a patch appeared

Mar 19·1 min read·15 words

Beijing wants its own quantum-resistant encryption standards rather than adopt NIST’s

Mar 19·1 min read·11 words

Telnet vulnerability opens door to remote code execution as root

Mar 19·1 min read·10 words

5 key priorities for your RSAC 2026 agenda

Mar 19·1 min read·8 words

The multi-billion dollar mistake: Why cloud misconfigurations are your biggest security threat

Mar 19·1 min read·12 words

Your MFA isn’t broken — it’s being bypassed, and your employees can’t tell the difference

Mar 19·1 min read·15 words

Anthropic ban heralds new era of supply chain risk — with no clear playbook

Mar 19·1 min read·14 words

Reco targets AI agent blind spots with new security capability

Mar 18·1 min read·10 words

BSI moniert Software-Sicherheit im Gesundheitswesen

Mar 18·1 min read·5 words

Can you prove the person on the other side is real?

Mar 18·1 min read·11 words

ClickFix treibt neue Infostealer-Kampagnen an

Mar 18·1 min read·5 words

Cybersecurity and privacy priorities for 2026: The legal risk map

Mar 18·1 min read·10 words

CISOs rethink their data protection strategies

Mar 18·1 min read·6 words

Nvidia NemoClaw promises to run OpenClaw agents securely

Mar 17·1 min read·8 words

Cyber-Attacken fluten Eon-Netz: Angriffe verzehnfacht

Mar 17·1 min read·5 words

AWS Bedrock’s ‘isolated’ sandbox comes with a DNS escape hatch

Mar 17·1 min read·10 words

Runtime: The new frontier of AI agent security

Mar 17·1 min read·8 words

Open VSX extensions hijacked: GlassWorm malware spreads via dependency abuse

Mar 16·1 min read·10 words

Nine critical vulnerabilities in Linux AppArmor put over 12M enterprise systems at risk

Mar 16·1 min read·13 words

What it takes to win that CSO role

Mar 16·1 min read·8 words

ClickFix techniques evolve in new infostealer campaigns

Mar 16·1 min read·7 words

Google warns of two actively exploited Chrome zero days

Mar 13·1 min read·9 words

Cyber criminals too are working from home… your home

Mar 13·1 min read·9 words

Veeam warns admins to patch now as critical RCE flaws hit Backup & Replication

Mar 13·1 min read·14 words

Hybrid resilience: Designing incident response across on-prem, cloud and SaaS without losing your mind

Mar 13·1 min read·14 words

Storm-2561 targets enterprise VPN users with SEO poisoning, fake clients

Mar 13·1 min read·10 words

The cyber perimeter was never dead. We just abandoned it.

Mar 13·1 min read·10 words

Telus Digital hit with massive data breach

Mar 13·1 min read·7 words

Medical giant Stryker crippled after Iranian hackers remotely wipe computers

Mar 12·1 min read·10 words

PhantomRaven returns to npm with 88 bad packages

Mar 12·1 min read·8 words

North Korean fake IT worker tradecraft exposed

Mar 12·1 min read·7 words

AI use is changing how much companies pay for cyber insurance

Mar 12·1 min read·11 words

“Zombie ZIP”: Neue Angriffstechnik täuscht Virenscanner

Mar 12·1 min read·6 words

Resumés with malicious ISO attachments are circulating, says Aryaka

Mar 11·1 min read·9 words

CISA warns of actively exploited Ivanti EPM and Cisco SD-WAN flaws

Mar 11·1 min read·11 words

AWS expands Security Hub for multicloud security operations

Mar 11·1 min read·8 words

Overly permissive ‘guest’ settings put Salesforce customers at risk

Mar 11·1 min read·9 words

Why zero trust breaks down in IoT and OT environments

Mar 11·1 min read·10 words

Did cybersecurity recently have its Gatling gun moment?

Mar 11·1 min read·8 words

Critical flaw in HPE Aruba CX switches lets attackers seize admin control without credentials

Mar 11·1 min read·14 words

A 5-step approach to taming shadow AI

Mar 11·1 min read·7 words

12 ways attackers abuse cloud services to hack your enterprise

Mar 11·1 min read·10 words

Devs looking for OpenClaw get served a GhostClaw RAT

Mar 10·1 min read·9 words

The OT security time bomb: Why legacy industrial systems are the biggest cyber risk nobody wants to fix

Mar 10·1 min read·18 words

OpenAI to acquire Promptfoo to strengthen AI agent security testing

Mar 10·1 min read·10 words

Why access decisions are becoming the weakest link in identity security

Mar 10·1 min read·11 words

I replaced manual pen tests with automation. Here’s what I learned.

Mar 10·1 min read·11 words

When AI safety constrains defenders more than attackers

Mar 10·1 min read·8 words

Hacker abusing .arpa domain to evade phishing detection, says Infoblox

Mar 10·1 min read·10 words

CVE program funding secured, easing fears of repeat crisis

Mar 9·1 min read·9 words

OpenAI says Codex Security found 11,000 high-impact bugs in a month

Mar 9·1 min read·11 words

NIS-2: Tausende reißen BSI-Frist und riskieren Strafen

Mar 9·1 min read·7 words

4 ways to prepare your SOC for agentic AI

Mar 9·1 min read·9 words

PQC roadmap remains hazy as vendors race for early advantage

Mar 9·1 min read·10 words

Tarnung als Taktik: Warum Ransomware-Angriffe raffinierter werden

Mar 9·1 min read·7 words

Trump’s cyber strategy emphasizes offensive operations, deregulation, AI

Mar 6·1 min read·8 words

ClickFix attackers using new tactic to evade detection, says Microsoft

Mar 6·1 min read·10 words

Only 30 minutes per quarter on cyber risk: Why CISO-board conversations are falling short

Mar 6·1 min read·14 words

FBI wiretap system tapped by hackers

Mar 6·1 min read·6 words

OAuth vulnerability in n8n automation platform could lead to system compromise

Mar 6·1 min read·11 words

Targeted advertising is also targeting malware

Mar 6·1 min read·6 words

Teenage hacker myth primed for a middle-age criminal makeover

Mar 6·1 min read·9 words

Challenges and projects for the CISO in 2026

Mar 6·1 min read·8 words

Zero-day exploits hit enterprises faster and harder

Mar 6·1 min read·7 words

Europa im Visier von Cyber-Identitätsdieben

Mar 6·1 min read·5 words

LeakBase marketplace unplugged by cops in 14 countries

Mar 6·1 min read·8 words

Cisco issues emergency patches for critical firewall vulnerabilities

Mar 5·1 min read·8 words

Coruna iOS exploit kit moved from spy tool to mass criminal campaign in under a year

Mar 5·1 min read·16 words

Europol: Großer Markt für gestohlene Daten geschlossen

Mar 5·1 min read·7 words

State-affiliated hackers set up for critical OT attacks that operators may not detect

Mar 5·1 min read·13 words

14 old software bugs that took way too long to squash

Mar 5·1 min read·11 words

Microsoft leads takedown of Tycoon2FA phishing service infrastructure

Mar 5·1 min read·8 words

Why AI, Zero Trust, and modern security require deep visibility

Mar 4·1 min read·10 words

The 10-hour problem: How visibility gaps are burning out the SOC

Mar 4·1 min read·11 words

Iranian cyberattacks fail to materialize but threat remains acute

Mar 4·1 min read·9 words

Anthropic AI ultimatums and IP theft: The unspoken risk

Mar 4·1 min read·9 words

How to know you’re a real-deal CSO — and whether that job opening truly seeks one

Mar 4·1 min read·16 words

AI-powered attack kits go open source, and CyberStrikeAI may be just the beginning

Mar 4·1 min read·13 words

OAuth phishers make ‘check where the link points’ advice ineffective

Mar 3·1 min read·10 words

Jetzt Staats-CISO werden – für unter 160.000 Euro

Mar 3·1 min read·8 words

Epic Fury introduces new layer of enterprise risk

Mar 3·1 min read·8 words

Studie: Hacker legen Betrieb bei vielen Unternehmen lahm

Mar 3·1 min read·8 words

7 factors impacting the cyber skills gap

Mar 3·1 min read·7 words

Vulnerability monitoring service secures public-sector websites faster

Mar 2·1 min read·7 words

Innovation without exposure: A CISO’s secure-by-design framework for business outcomes

Mar 2·1 min read·10 words

A scorecard for cyber and risk culture

Mar 2·1 min read·7 words

Hacker erpressen weniger Lösegeld

Mar 2·1 min read·4 words

How CISOs can build a resilient workforce

Mar 2·1 min read·7 words

Im Fokus: RZ-Modernisierung

Mar 2·1 min read·3 words

Im Fokus: RZ-Modernisierung

Mar 2·1 min read·3 words

Security hole could let hackers take over Juniper Networks PTX core routers

Feb 27·1 min read·12 words

‘Silent’ Google API key change exposed Gemini AI data

Feb 27·1 min read·9 words

One of the ‘most influential cybersecurity’ roles will pay under $175,000

Feb 27·1 min read·11 words

Your personal OpenClaw agent may also be taking orders from malicious websites

Feb 27·1 min read·12 words

US authorities punish sellers of malware and spyware

Feb 27·1 min read·8 words

Why application security must start at the load balancer

Feb 27·1 min read·9 words

How to make LLMs a defensive advantage without creating a new attack surface

Feb 27·1 min read·13 words

Enterprise Spotlight: Data Center Modernization

Feb 27·1 min read·5 words

Enterprise Spotlight: Data Center Modernization

Feb 27·1 min read·5 words

Ransomware groups switch to stealthy attacks and long-term access

Feb 27·1 min read·9 words

Hacker kompromittieren immer schneller

Feb 26·1 min read·4 words

China-linked hackers used Google Sheets to spy on telecoms and governments across 42 countries

Feb 26·1 min read·14 words

The farmers and the mercenaries: Rethinking the ‘human layer’ in security

Feb 26·1 min read·11 words

5 trends that should top CISO’s RSA 2026 agendas

Feb 26·1 min read·9 words

Steaelite RAT combines data theft and ransomware management capability in one tool

Feb 26·1 min read·12 words

Five Eyes issue emergency directive on exploited Cisco SD-WAN zero-day

Feb 25·1 min read·10 words

Microsoft warns of job‑themed repo lures targeting developers with multi‑stage backdoors

Feb 25·1 min read·11 words

Ukrainian convicted for helping fake North Korean IT workers

Feb 25·1 min read·9 words

Boards don’t need cyber metrics — they need risk signals

Feb 25·1 min read·10 words

Hacker knackt 600 Firewalls in einem Monat – mit KI

Feb 25·1 min read·10 words

New Serv-U bugs extend SolarWinds’ run of high-severity disclosures

Feb 25·1 min read·9 words

Fake Zoom meeting silently installs surveillance software, says Malwarebytes

Feb 25·1 min read·9 words

VMware fixes command injection flaw in Aria Operations

Feb 25·1 min read·8 words

What does business email compromise look like?

Feb 24·1 min read·7 words

What are the types of ransomware attacks?

Feb 24·1 min read·7 words

Take control: Locking down common endpoint vulnerabilities

Feb 24·1 min read·7 words

How to prevent business email compromise

Feb 24·1 min read·6 words

Know the red flags: Business email compromise signs to look out for

Feb 24·1 min read·12 words

Cyber defense: From reactive to proactive

Feb 24·1 min read·6 words

Shai-Hulud-style NPM worm hits CI pipelines and AI coding tools

Feb 24·1 min read·10 words

Bitcoin-Milliarden von Raubkopie-Portal im Visier der Justiz

Feb 24·1 min read·7 words

It’s time to rethink CISO reporting lines

Feb 24·1 min read·7 words

The rise of the evasive adversary

Feb 24·1 min read·6 words

Anthropic’s Claude Code Security rollout is an industry wakeup call

Feb 24·1 min read·10 words

Russian group uses AI to exploit weakly-protected Fortinet firewalls, says Amazon

Feb 24·1 min read·11 words

Hacker stiehlt Daten von Tausenden RTL-Mitarbeitern

Feb 23·1 min read·6 words

New Arkanix stealer blends rapid Python harvesting with stealthier C++ payloads

Feb 23·1 min read·11 words

Attackers exploit Ivanti EPMM zero-days to seize control of MDM servers

Feb 23·1 min read·11 words

13 ways attackers use generative AI to exploit your systems

Feb 23·1 min read·10 words

Compromised npm package silently installs OpenClaw on developer machines

Feb 21·1 min read·9 words

Don’t trust TrustConnect: This fake remote support tool only helps hackers

Feb 20·1 min read·11 words

KI und Komplexität als Brandbeschleuniger für Cyberkriminelle

Feb 20·1 min read·7 words

Sonderkommission ermittelt zu Cyberangriff auf Kunstsammlungen Dresden

Feb 20·1 min read·7 words

PayPal launches latest struggle to get rid of SMS for MFA

Feb 20·1 min read·11 words

New phishing campaign tricks employees into bypassing Microsoft 365 MFA

Feb 20·1 min read·10 words

US dominance of agentic AI at the heart of new NIST initiative

Feb 19·1 min read·12 words

Six flaws found hiding in OpenClaw’s plumbing

Feb 19·1 min read·7 words

Hackers can turn Grok, Copilot into covert command-and-control channels, researchers warn

Feb 19·1 min read·11 words

Cybersicherheit braucht Reife und keine Checklisten

Feb 19·1 min read·6 words

From in-house CISO to consultant. What you need to know before making the leap

Feb 19·1 min read·14 words

Notepad++ author says fixes make update mechanism ‘effectively unexploitable’

Feb 18·1 min read·9 words

Chinese hackers exploited zero-day Dell RecoverPoint flaw for 1.5 years

Feb 18·1 min read·10 words

Millionen Chrome-Erweiterungen geben Browserverlauf preis

Feb 18·1 min read·5 words

Flaws in four popular VS Code extensions left 128 million installs open to attack

Feb 18·1 min read·14 words

Keenadu: Android malware that comes preinstalled and can’t be removed by users

Feb 18·1 min read·12 words

Cyberangriff auf Bahn stört Auskunftssysteme

Feb 18·1 min read·5 words

Discipline is the new power move in cybersecurity leadership

Feb 18·1 min read·9 words

A new approach for GenAI risk protection

Feb 18·1 min read·7 words

The new paradigm for raising up secure software engineers

Feb 18·1 min read·9 words

13 Fragen gegen Drittanbieterrisiken

Feb 18·1 min read·4 words

Cyber attacks enabled by basic failings, Palo Alto analysis finds

Feb 17·1 min read·10 words

MCSC 2026: „Politik und Wirtschaft müssen zusammenarbeiten“

Feb 17·1 min read·7 words

ZeroDayRAT spyware targets Android and iOS devices via commercial toolkit

Feb 17·1 min read·10 words

With CISOs stretched thin, re-envisioning enterprise risk may be the only fix

Feb 17·1 min read·12 words

Why 2025’s agentic AI boom is a CISO’s worst nightmare

Feb 17·1 min read·10 words

Exploit available for new Chrome zero-day vulnerability, says Google

Feb 17·1 min read·9 words

Was CISOs über OpenClaw wissen sollten

Feb 16·1 min read·6 words

Open source maintainers being targeted by AI agent as part of ‘reputation farming’

Feb 16·1 min read·13 words

Leaky Chrome extensions with 37M installs caught divulging your browsing history

Feb 16·1 min read·11 words

Finding a common language around risk

Feb 16·1 min read·6 words

Neue Kooperation soll souveräne Cloud-Lösungen bringen

Feb 16·1 min read·6 words

CISO Julie Chatman wants to help you take control of your security leadership role

Feb 16·1 min read·14 words

10 years later, Bangladesh Bank cyberheist still offers cyber-resiliency lessons

Feb 16·1 min read·10 words

Critical BeyondTrust RS vulnerability exploited in active attacks

Feb 13·1 min read·8 words

South Korea fines Louis Vuitton, Christian Dior, Tiffany $25M for SaaS security failures

Feb 13·1 min read·13 words

Researchers unearth 30-year-old vulnerability in libpng library

Feb 13·1 min read·7 words

Battling bots face off in cybersecurity arena

Feb 13·1 min read·7 words

Four new reasons why Windows LNK files cannot be trusted

Feb 13·1 min read·10 words

BSI läutet Ende der klassischen Verschlüsselung ein

Feb 13·1 min read·7 words

The foundation problem: How a lack of accountability is destroying cybersecurity

Feb 13·1 min read·11 words

Google fears massive attempt to clone Gemini AI through model extraction

Feb 13·1 min read·11 words

The democratization of AI data poisoning and how to protect your organization

Feb 13·1 min read·12 words

Why key management becomes the weakest link in a post-quantum and AI-driven security world

Feb 13·1 min read·14 words

5 key trends reshaping the SIEM market

Feb 13·1 min read·7 words

Hackers turn bossware against the bosses

Feb 13·1 min read·6 words

Why identity recovery is now central to cyber resilience

Feb 12·1 min read·9 words

‘Dead’ Outlook add-in hijacked to phish 4,000 Microsoft Office Store users

Feb 12·1 min read·11 words

Neue Warn-App für Cybervorfälle gestartet

Feb 12·1 min read·5 words

Phishing campaign chains old Office flaw with fileless XWorm RAT to evade detection

Feb 12·1 min read·13 words

Palo Alto closes privileged access gap with $25B CyberArk acquisition

Feb 12·1 min read·10 words

The ephemeral infrastructure paradox: Why short-lived systems need stronger identity governance

Feb 12·1 min read·11 words

What CISOs need to know about the OpenClaw security nightmare

Feb 12·1 min read·10 words

Entwickler werden zum Angriffsvektor

Feb 12·1 min read·4 words

SSHStalker botnet brute-forces its way onto 7,000 Linux machines

Feb 12·1 min read·9 words

Companies are using ‘Summarize with AI’ to manipulate enterprise chatbots

Feb 12·1 min read·10 words

North Korean actors blend ClickFix with new macOS backdoors in Crypto campaign

Feb 11·1 min read·12 words

EU clears Google’s $32B Wiz acquisition, intensifying cloud security competition

Feb 11·1 min read·10 words

The hard part of purple teaming starts after detection

Feb 11·1 min read·9 words

CISOs must separate signal from noise as CVE volume soars

Feb 11·1 min read·10 words

Vorgetäuschte PDFs bergen neue Gefahren

Feb 11·1 min read·5 words

February 2026 Patch Tuesday: Six new and actively exploited Microsoft vulnerabilities addressed

Feb 11·1 min read·12 words

BeyondTrust fixes critical RCE flaw in remote access tools

Feb 10·1 min read·9 words

SolarWinds WHD zero-days from January are under attack

Feb 10·1 min read·8 words

Cyberangriff auf EU-Kommission

Feb 10·1 min read·3 words

Windows shortcut weaponized in Phorpiex-linked ransomware campaign

Feb 10·1 min read·7 words

Single prompt breaks AI safety in 15 major language models

Feb 10·1 min read·10 words

How to govern agentic AI so as not to lose control

Feb 10·1 min read·11 words

69% of CISOs open to career move — including leaving role entirely

Feb 10·1 min read·12 words

Anthropic’s DXT poses “critical RCE vulnerability” by running with full system privileges

Feb 10·1 min read·12 words

OpenClaw integrates VirusTotal malware scanning as security firms flag enterprise risks

Feb 9·1 min read·11 words

DKnife targets network gateways in long running AitM campaign

Feb 9·1 min read·9 words

Never settle: How CISOs can go beyond compliance standards to better protect their organizations

Feb 9·1 min read·14 words

Schrödinger’s cat and the enterprise security paradox

Feb 9·1 min read·7 words

Gartner-Prognose: Die sechs wichtigsten Cybersicherheits-Trends für 2026

Feb 9·1 min read·7 words

NIS2: Supply chains as a risk factor

Feb 9·1 min read·7 words

Behörden warnen vor Hackerangriffen auf Politik und Militär

Feb 9·1 min read·8 words

Software developers: Prime cyber targets and a rising risk vector for CISOs

Feb 9·1 min read·12 words

Six more vulnerabilities found in n8n automation platform

Feb 6·1 min read·8 words

Claude AI finds 500 high-severity software vulnerabilities

Feb 6·1 min read·7 words

Pretend Disk Format: PDFs harbor new dangers

Feb 6·1 min read·7 words

Ten career-ending mistakes CISOs make and how to avoid them

Feb 6·1 min read·10 words

CISA gives federal agencies 18 months to purge unsupported edge devices

Feb 6·1 min read·11 words

Zscaler extends zero-trust security to browsers with SquareX acquisition

Feb 6·1 min read·9 words

KI als AWS-Angriffsturbo

Feb 6·1 min read·3 words

The blind spot every CISO must see: Loyalty

Feb 6·1 min read·8 words

Four new vulnerabilities found in Ingress NGINX

Feb 6·1 min read·7 words

New APT group breached gov and critical infrastructure orgs in 37 countries

Feb 5·1 min read·12 words

Attackers exploit decade‑old Windows driver flaw to shut down modern EDR defenses

Feb 5·1 min read·12 words

Ransomware-Attacke auf Buhlmann Group

Feb 5·1 min read·4 words

The silent security gap in enterprise AI adoption

Feb 5·1 min read·8 words

Microsoft develops a new scanner to detect hidden backdoors in LLMs

Feb 5·1 min read·11 words

Building trust with the board through evidence-based proof

Feb 5·1 min read·8 words

Kurz vor Olympia: Italien wehrt russische Hacker-Angriffe ab

Feb 5·1 min read·8 words

Software supply chain risks join the OWASP top 10 list, access control still on top

Feb 5·1 min read·15 words

1.5 million AI agents are at risk of going rogue

Feb 5·1 min read·10 words

Threat actors hijack web traffic after exploiting React2Shell vulnerability

Feb 4·1 min read·9 words