CSO Online

Two cybersecurity experts plead guilty to running ransomware operation

Two cybersecurity professionals charged with running a ransomware operation have pleaded guilty to conspiring to obstruct, ...
CSO Online

Cybersecurity skills matter more than headcount in the AI era

The latest ISC2 workforce study reveals that skills gaps are increasing as cybersecurity professionals adopt AI tools and ...
CSO Online

Equifax Europe CISO: Notorious breach spurred cybersecurity transformation

CISO for Continental Europe Javier Checa sheds light on the credit reporting agency’s cybersecurity progress since the major ...
CSO Online

Critical vulnerability in IBM API Connect could allow authentication bypass

Rated 9.8 out of 10 in severity, the flaw could allow a remote attacker to gain unauthorized access to applications.
CSO Online

Top 5 real-world AI security threats revealed in 2025

Security researchers uncovered a range of cyber issues targeting AI systems that users and developers should be aware of — ...
CSO Online

React2Shell: Anatomy of a max-severity flaw that sent shockwaves through the web

The explosive, easy-to-trigger vulnerability was exploited within hours of disclosure, exposing the risks of default ...
CSO Online

Patch Tuesday 2025 roundup: The biggest Microsoft vulnerabilities of the year

Every day has the potential to be a bad day for a CSO. However, the second Tuesday of each month – Patch Tuesday – is almost ...
CSO Online

6 cyber insurance gotchas security leaders must avoid

Cyber insurance protects enterprises from most cyberattack liabilities. But before committing to a policy, CISOs need to ...
CSO Online

Agentic AI already hinting at cybersecurity’s pending identity crisis

An estimated 95% of enterprises have not deployed identity protections for their autonomous agents — not a great start for ...
CSO Online

MacSync Stealer malware bypasses macOS Gatekeeper security warnings

MacSync Stealer, by contrast, is downloaded from an ordinary-looking utility URL as a code-signed and notarized Swift ...
CSO Online

What CISOs should know about the SolarWinds lawsuit dismissal

The SEC’s dismissal of its lawsuit against SolarWinds and its CISO brought widespread relief to cybersecurity leaders and ...
CSO Online

Hackers exploit Microsoft OAuth device codes to hijack enterprise accounts

Proofpoint has warned about phishing campaigns abusing legitimate device authorization flow to bypass MFA and gain persistent ...