CSO Online

FBI seizes BreachForums servers as threatened Salesforce data release deadline approaches

Only days ago, a message on the BreachForums extortion site threatened to leak one billion records allegedly stolen from the ...
CSO Online

Apple bumps RCE bug bounties to $2M to counter commercial spyware vendors

We’re doubling our top award to $2 million for exploit chains that can achieve similar goals as sophisticated mercenary ...
CSO Online

SonicWall data breach affects all cloud backup customers

September, SonicWall reported a security incident in its cloud backup service. It’s now clear that all customers are affected.
CSO Online

Open-source DFIR Velociraptor was abused in expanding ransomware efforts

China-based threat actors abused outdated Velociraptor to maintain persistence and help deploy Warlock, LockBit, and Babuk ...
CSO OnlineOpinion

The CIA triad is dead — stop using a Cold War relic to fight 21st century threats

The world has shifted, and our cybersecurity models must shift, too. We need a model that is layered, contextual, and built ...
CSO Online

Unplug Gemini from email and calendars, says cybersecurity firm

The warning comes after the discovery that some AI agents, including Gemini, are vulnerable to ASCII Smuggling attacks.
CSO Online

LockBit, DragonForce, and Qilin form a ‘cartel’ to dictate ransomware market conditions

The FBI did not immediately respond to a request for comment.
CSO Online

Homeland Security’s reassignment of CISA staff leaves US networks exposed

As the DHS moves some CISA staff to immigration and border roles, experts warn of slower threat detection, delayed advisories ...
CSO Online

Autonomous AI hacking and the future of cybersecurity

AI agents are automating key parts of the attack chain, threatening to tip the scales completely in favor of cyber attackers ...
CSO Online

The ultimate business resiliency test: Inside Kantsu’s ransomware response

The Japanese logistics company’s chief executive shares what it requires for a business to survive a cyberattack that grinds ...
CSO Online

GitHub Copilot prompt injection flaw leaked sensitive data from private repos

Hidden comments in pull requests analyzed by Copilot Chat leaked AWS keys from users’ private repositories, demonstrating yet ...
CSO Online

Your cyber risk problem isn’t tech — it’s architecture

Strong cyber programs aren’t built on tech alone — they thrive when architecture, risk and culture work together.