CSO Online

Modern supply-chain attacks and their real-world impact

Supply-chain attacks have evolved considerably in the las two years going from dependency confusion or stolen SSL among ...
CSO Online

Gen AI success requires an AI champions network

To ensure generative AI competency and use becomes pervasive across the enterprise, CISOs and their colleagues must establish ...
CSO Online

US Appeals Court lowers burden of proof for data breach lawsuits

The 4th Circuit Court has ruled that dark web data publication alone may be damaging — a decision that could raise extortion ...
CSO Online

OpenAI launches Aardvark to detect and patch hidden bugs in code

Currently in private beta, the GPT-5-powered security agent scans, reasons, and patches software like a real researcher, ...
CSO Online

Claude AI vulnerability exposes enterprise data through code interpreter exploit

Security researcher demonstrates how attackers can hijack Anthropic’s file upload API to exfiltrate sensitive information, ...
CSO Online

Tips for CISOs switching between industries

Moving between industries isn’t just about experience, it’s about transferring skills, understanding the business, and ...
CSO Online

Chromium flaw crashes Chrome, Edge, Atlas: Researcher publishes exploit after Google’s silence

The vulnerability, dubbed Brash, can crash browsers within seconds by flooding the document.title API, and Google’s silence ...
CSO Online

Malicious packages in npm evade dependency detection through invisible URL links: Report

Researchers outline how the PhantomRaven campaign exploits hole in npm to enable software supply chain attacks.
CSO Online

AI-powered bug hunting shakes up bounty industry — for better or worse

AI tools are democratizing and accelerating vulnerability discovery — and taxing vulnerability management programs with false ...
CSO Online

The unified linkage model: A new lens for understanding cyber risk

Cyber threats don’t just hit your systems — they move through your connections. The ULM shows how those hidden links fuel ...
CSO Online

Cybersecurity management for boards: Metrics that matter

If your cyber dashboard looks like a tech manual, you’re flying blind. Real leaders measure resilience, not patch counts.
CSO Online

How evolving regulations are redefining CISO responsibility

Mounting attacks on IoT devices and tighter disclosure laws are turning cyber risk management into a matter of personal ...