News

CSO Online38m
CVE program faces swift end after DHS fails to renew contract, leaving security flaw tracking in limbo
MITRE’s 25-year-old Common Vulnerabilities and Exposures (CVE) program will end April 16 after DHS did not renew its funding ...
CSO Online52m
New ResolverRAT malware targets healthcare and pharma orgs worldwide
Distributed via phishing emails, the DLL side-loaded malware’s payload is executed only in memory and uses sophisticated ...
CSO Online10h
China alleges US cyber espionage during the Asian Winter Games, names 3 NSA agents
Chinese authorities claim US intelligence targeted Microsoft Windows systems and critical infrastructure in a coordinated ...
CSO Online17h
Agentic AI is both boon and bane for security pros
AI agents are predicted to reduce time to exploit by half in two years, here is what you need to know to figure out if your ...
CSO Online11h
Incomplete patching leaves Nvidia, Docker exposed to DOS attacks
An optional feature issued with the fix can cause a bug rollback, making a secondary DOS issue possible on top of root-level privilege exploitation.
CSO Online1d
AI hallucinations lead to a new cyber threat: Slopsquatting
Attackers can weaponize and distribute a large number of packages recommended by AI models that don’t really exist.
CSO Online4d
You’re always a target, so it pays to review your cybersecurity insurance
Not only does an annual insurance review ensure compliance with policy requirements, it can kick off a more thorough review ...
CSO Online4d
Oracle admits breach of ‘obsolete servers,’ denies main cloud platform affected
The fact that a breach of some kind had occurred was first made public in March, when a hacker using the moniker ‘rose87168’ ...
CSO Online4d
OpenAI slammed for putting speed over safety
OpenAI’s approach to safety testing for its GPT models has varied over time. For GPT-4, the company dedicated over six months ...
CSO Online8d
The risks of entry-level developers over relying on AI
As AI-generated code becomes more common, some CISOs argue that overreliance could erode developers’ critical skills which ...
CSO Online6d
US bank regulator’s email system breached
The agency that regulates all US national banks alerted Congress on Tuesday that hackers had access to staff emails.
CSO Online4d
Russian Shuckworm APT is back with updated GammaSteel malware
The attack targeted the military mission of a Western country in Ukraine, with the goal of deploying a PowerShell-based ...