CSO Online

BeyondTrust fixes critical RCE flaw in remote access tools

Enterprises are urged to patch self-hosted versions of both Remote Support and Privileged Remote Access due to a 9.9-severity ...
CSO Online

Single prompt breaks AI safety in 15 major language models

The GRP‑Obliteration technique reveals that even mild prompts can reshape internal safety mechanisms, raising oversight ...
CSO Online

69% of CISOs open to career move — including leaving role entirely

Behind those numbers are executives who are frustrated with an ever-expanding job without the budget and authority to match.
CSO Online

Windows shortcut weaponized in Phorpiex-linked ransomware campaign

Researchers revealed a Phorpiex-distributed phishing campaign using malicious LNK files to deploy Global Group ransomware ...
CSO Online

Anthropic’s DXT poses “critical RCE vulnerability” by running with full system privileges

Anthropic didn’t dispute the security report, but suggested it would only be caused by user error, where users deliberately ...
CSO Online

OpenClaw integrates VirusTotal malware scanning as security firms flag enterprise risks

The AI agent platform has added a Google-owned threat intelligence service to the ClawHub marketplace, following the ...
CSO Online

Schrödinger’s cat and the enterprise security paradox

If you haven’t really looked, your company is both secure and hacked at the same time — and dashboards alone won’t tell you ...
CSO OnlineOpinion

Never settle: How CISOs can go beyond compliance standards to better protect their organizations

With scenarios, you start with a broader view of the risk and map associated controls. You can also define custom risk ...
CSO Online

Zero trust in practice: A deep technical dive into going fully passwordless in hybrid enterprise environments

Going passwordless isn’t a switch flip — it’s a full identity rethink. This piece walks through what actually breaks, works ...
CSO Online

New APT group breached gov and critical infrastructure orgs in 37 countries

Security researchers from Palo Alto Networks believe the likely Asia-based group is expanding its activities, which include ...
CSO Online

Software supply chain risks join the OWASP top 10 list, access control still on top

There were some changes to the recently updated OWASP Top 10 list, including the addition of supply chain risks. But old ...
CSO Online

Software developers: Prime cyber targets and a rising risk vector for CISOs

From technical compromise to AI-driven attacks, cyber criminals increasingly see software developers as prime targets, creating systemic risks CISOs must address.