Supply-chain attacks take aim at your AI coding agents
Attackers too are looking to cash in on the AI coding craze, adapting their supply-chain techniques to target coding agents themselves. Many AI agents autono...
CSO Online
13 articles
Edge browser leaves passwords exposed in plain text, says researcher
A Norwegian researcher has identified an issue with Microsoft Edge’s Password Manager that could be a serious concern for businesses. Tom Jøran Sønstebyseter...
CISA mulls new three-day remediation deadline for critical flaws
Experts have mixed reactions to a report that the US Cybersecurity and Infrastructure Security Agency (CISA) is considering reducing the timeline in which go...
CISA pushes critical infrastructure operators to prepare to work in isolation
The US Cybersecurity and Infrastructure Security Agency (CISA) has unveiled a new national initiative aimed at helping critical infrastructure operators with...
Oracle will patch more often to counter AI cybersecurity threat
Oracle plans to issue security patches for its ERP, database, and other software on a monthly cycle, rather than quarterly, to respond to the increased pace ...
AI finds 20-year-old bugs in PostgreSQL and MariaDB
Open-source databases are facing a bit of a memory problem as AI helps surface decades-old buffer overflow issues in widely used components. Security researc...
Stealthy malware abuses Microsoft Phone Link to siphon SMS OTPs from enterprise PCs
A newly identified malware campaign is abusing Microsoft’s Phone Link feature to intercept SMS-based one-time passwords and other sensitive mobile data direc...
CISOs step up to the security workforce challenge
A robust cybersecurity program needs a range of skilled people, yet many CISOs continue to face an ongoing skills shortage — and the squeeze may only get wor...
10 Anzeichen für einen schlechten CSO
Sind IT-Mitarbeiter unzufrieden, kann das an schlechten Führungskräften oder an einer unzureichenden IT-Strategie liegen. Foto: fizkes – shutterstock.
Anthropic Mythos spurs White House to weigh pre-release reviews for high-risk AI models
The Trump administration is in early discussions about whether advanced AI models should be vetted before public release, according to reporting from the New...
The Winter Games effect: When gold meets DDoS
Major international events attract not just global audiences but also distributed denial-of-service (DDoS) attacks. The Milano Cortina 2026 Winter Games prov...
How orphaned applications are quietly fueling your shadow IT problem
Orphaned applications are a significant driver of shadow IT and a major headache for asset and identity management. We all know the drill: an account should ...
Security agencies draw red lines around agentic AI deployments
With prompt injection and other attack pathways consistently surfacing across agentic AI deployments, security watchdogs have stepped in, collectively, to dr...