CSO Online

CVE program funding secured, easing fears of repeat crisis

The funding crisis that nearly shut down the global vulnerability tracking system last year has quietly been resolved, easing fears of another abrupt disruption to a cornerstone of the cybersecurity ...
CSO Online

OpenAI says Codex Security found 11,000 high-impact bugs in a month

The new AI-driven AppSec tool reportedly uncovered hundreds of critical flaws and thousands of high-severity issues during early testing.
CSO Online

PQC roadmap remains hazy as vendors race for early advantage

A wave of new offerings from Palo Alto Networks, Cisco, IBM, Cloudflare, and SandboxAQ highlights growing consensus that ...
CSO Online

Iranian cyberattacks fail to materialize but threat remains acute

US-Israeli military attacks on Iran have caused a lull in cyberactivity, but Iranian groups will turn to destructive wiper ...
CSO OnlineOpinion

Anthropic AI ultimatums and IP theft: The unspoken risk

Anthropic’s run-in with the Pentagon over Claude guardrails and a China-based distillation campaign against its IP highlight ...
CSO Online

Challenges and projects for the CISO in 2026

With the diversification of cybercrime tools, corporate cybersecurity departments seem to face an endless stream of challenges. This is the outlook for 2026 according to their top executives, CISOs, ...
CSO Online

State-affiliated hackers set up for critical OT attacks that operators may not detect

Threat groups are weaponizing industrial control access they’ve gained over the years, but critical infrastructure operators ...
CSO Online

FBI wiretap system tapped by hackers

The FBI acknowledged the incident in a statement to CNN, saying, “The FBI identified and addressed suspicious activities on ...
CSO Online

OAuth phishers make ‘check where the link points’ advice ineffective

Microsoft has identified a phishing campaign using malformed links to legitimate OAuth services to redirect to malware ...
CSO Online

AI-powered attack kits go open source, and CyberStrikeAI may be just the beginning

CyberStrikeAI lowers the barrier to complex cyberattacks by combining AI orchestration, MCP integration, and more than 100 ...
CSO Online

Coruna iOS exploit kit moved from spy tool to mass criminal campaign in under a year

Google and iVerify researchers say the case points to a thriving secondary market for high-end zero-day exploits.
CSO Online

Innovation without exposure: A CISO’s secure-by-design framework for business outcomes

In that environment, innovation is not a nice-to-have. It is a control. When it is governed well, it reduces risk, improves ...