News

CSO Online12h
BadSuccessor: Unpatched Microsoft Active Directory attack enables domain takeover
Unprivileged users with permission to create objects inside an Active Directory organizational unit can abuse the new ...
CSO Online17h
Critical flaw in OpenPGP.js raises alarms for encrypted email services
The flaw, identified as CVE-2025-47934 and assigned a critical severity rating, was discovered by Edoardo Geraci and Thomas ...
CSO Online19h
GitHub package limit put law firm in security bind
A cautionary tale of how a developer tool limit case could derail cybersecurity protections if not for quick thinking, public ...
CSO Online18h
You’ve already been targeted: Why patch management is mission-critical
Every day you delay a patch is a day attackers gain the upper hand. Proactive defense starts with closing the doors they ...
CSO Online23h
Threat intelligence platform buyer’s guide: Top vendors, selection advice
Threat intelligence platforms have evolved and became essential security defensive tools. Here is what you need to know ...
CSO Online1d
CSO30 Australia Awards 2025: Nominations now open
Nominations are officially open for the 2025 CSO30 Australia Awards, celebrating the country’s most effective and inspiring ...
CSO Online1d
A spoof antivirus makes Windows Defender disable security scans
In a proof-of-concept, a security researcher demonstrated how the Windows Security Center API can be used to block the scans ...
CSO Online1d
Ethical hackers exploited zero-day vulnerabilities against popular OS, browsers, VMs and AI frameworks
During Pwn2Own hacking contest, participants were asked to compromise Microsoft Windows 11, Mozilla Firefox, VMware ...
CSO Online1d
4 ways to safeguard CISO communications from legal liabilities
The SEC’s lawsuit against SolarWinds’ CISO highlights the legal liabilities CISOs can face when communicating. Here are four ...
CSO Online1d
Skitnet malware: The new ransomware favorite
The modular malware is tailor-made for ransomware as it features dedicated plugins for theft, encryption, and persistence.
CSO Online6d
Google patches Chrome vulnerability used for account takeover and MFA bypass
In some environments, this could even give attackers the ability to bypass multi-factor authentication (MFA). The ...
CSO Online2d
8 security risks overlooked in the rush to implement AI
Nearly two-thirds of companies fail to vet the security implications of AI tools before deploying them. Stressing security ...