CSO Online

XWorm campaign shows a shift toward fileless malware and in-memory evasion tactics

The multi-stage attack uses encrypted shellcode, steganography, and reflective DLL loads to deploy XWorm without leaving ...
CSO Online

Agentic AI in IT security: Where expectations meet reality

Agentic AI is already changing how security operations centers function, handling repeatable tasks and freeing analysts for ...
CSO Online

Chinese hackers breached critical infrastructure globally using enterprise network gear

RedNovember group exploited VPN appliances and firewalls to hit defense contractors, government agencies, and manufacturers ...
CSO Online

Coherence: Insider risk strategy’s new core principle

Control and surveillance have long been the central principles for reducing insider risk. But ensuring organizational ...
CSO Online

CSO30 Awards 2025 celebrate Australia’s top cybersecurity leaders

Australia's leading cybersecurity executives recognised for their leadership and business value at gala ceremony in Sydney.
CSO Online

6 novel ways to use AI in cybersecurity

AI is changing everything, including cybersecurity. Here are six creative AI methods you can use to help protect your ...
CSO Online

Qantas cutting CEO pay signals new era of cyber accountability

With boards, regulators, and investors turning up the heat, corporate leaders, not just CISOs, are facing financial and legal ...
CSO Online

AI-powered phishing scams now use fake captcha pages to evade detection

Attackers are exploiting low-code AI platforms such as Vercel, Netlify, and Lovable to rapidly build phishing sites that look ...
CSO Online

ShadowV2 turns DDoS into a cloud-native subscription service

The DDoS-for-hire campaign exploits misconfigured Docker containers on AWS, using cloud-native environments for industrial ...
CSO Online

Cloud Security Alliance launches framework to improve SaaS security

The CSA’s SSCF benchmark aims to help SaaS vendors build zero trust principles into their environments and give customers ...
CSO Online

Trust in MCP takes first in-the-wild hit via squatted Postmark connector

In a newly disclosed supply-chain attack, an npm package “postmark-mcp” was weaponized to stealthily exfiltrate emails, ...
CSO Online

Patch now: Attacker finds another zero day in Cisco firewall software

A critical zero-day vulnerability in certain Cisco Systems firewalls has to be patched immediately, US and UK cyber ...