CSO Online

PayPal launches latest struggle to get rid of SMS for MFA

Security experts have been nearly unanimous in their dislike of unencrypted SMS authentication for over a decade, but business executives — and customers — love its convenience. Cost-cutting may ...
CSO Online

Hackers can turn Grok, Copilot into covert command-and-control channels, researchers warn

Permissive AI access and limited monitoring could allow malware to hide within trusted enterprise traffic, thereby ...
CSO Online

Keenadu: Android malware that comes preinstalled and can’t be removed by users

Keenadu infiltrated devices by posing as legitimate system components, prompting calls for tighter controls on firmware ...
CSO Online

Chinese hackers exploited zero-day Dell RecoverPoint flaw for 1.5 years

A suspected Chinese espionage group exploited hardcoded admin credentials in Dell RecoverPoint for Virtual Machines to deploy ...
CSO Online

US dominance of agentic AI at the heart of new NIST initiative

The standards body is soliciting industry views on agentic security risks while ‘cementing US dominance at the technological frontier.’ ...
CSO Online

Discipline is the new power move in cybersecurity leadership

Turns out the real power move in security isn’t a bigger budget — it’s cutting the clutter and proving what actually reduces ...
CSO Online

The new paradigm for raising up secure software engineers

The new challenge for CISOs in the age of AI developers is securing code. But what does developer security awareness even ...
CSO Online

Flaws in four popular VS Code extensions left 128 million installs open to attack

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.
CSO OnlineOpinion

A new approach for GenAI risk protection

GenAI isn’t the real problem — unmanaged data is. Smarter XDR-based protection lets teams innovate without leaking what ...
CSO Online

CISO Julie Chatman wants to help you take control of your security leadership role

Chatman, who grew her career from medical diagnostics to a cybersecurity and risk leader at the FBI, has been a mentor to ...
CSO Online

What CISOs need to know about the OpenClaw security nightmare

Clawdbot, I mean, Moltbot, I mean, OpenClaw may be an immediate cybersecurity nightmare for enterprises, so here are its ...
CSO Online

Exploit available for new Chrome zero-day vulnerability, says Google

Threat actors now have the ability to exploit a new zero-day vulnerability in the Chrome browser, Google has advised IT ...