CSO Online

Red Hat OpenShift AI weakness allows full cluster compromise, warns advisory

Red Hat has updated its OpenShift AI Service after discovering a vulnerability with a CVSS rating of 9.9 that would allow an ...
CSO Online

Chinese APT group Phantom Taurus targets gov and telecom organizations

Researchers have attributed separate clusters of previously tracked malicious activity to a single group that has elevated ...
CSO Online

CISOs advised to rethink vulnerability management as exploits sharply rise

Surge in vulnerabilities and exploits leaving overloaded security teams with little recourse but to embrace risk-based ...
CSO Online

Microsoft plots new path for Sentinel, adding agentic AI features

The cloud SIEM is gaining long-term data lake log storage, AI graph visualization, support for MCP, and a way to interact ...
CSO Online

That innocent PDF is now a Trojan Horse for Gmail attacks

Researchers at security company Varonis have uncovered a crafty new Gmail phishing attack that not only masquerades as a PDF ...
CSO Online

Government shutdown deepens US cyber risk, exposing networks to threat actors

As Trump’s cyber spending cuts and CISA firings weaken defenses, the latest government shutdown leaves federal networks even ...
CSO Online

CISA 2015 cyber threat info-sharing law lapses amid government shutdown

The expiration of a landmark cybersecurity law strips liability protections for cyber threat information sharing, leaving US ...
CSO Online

Threat actors could retrieve valid usernames from VMware by exploiting vulnerabilities

CVE-2025-41252, a username enumeration vulnerability, also in NSX. An unauthenticated malicious actor may exploit this ...
CSO Online

Don’t drink or drive, say cyberattackers

Jaguar Land Rover and Japanese brewer Asahi are reeling from cyberattacks as threat actors aim for widespread disruption.
CSO Online

Chinese hackers breached critical infrastructure globally using enterprise network gear

RedNovember group exploited VPN appliances and firewalls to hit defense contractors, government agencies, and manufacturers ...
CSO Online

Agentic AI in IT security: Where expectations meet reality

Agentic AI is already changing how security operations centers function, handling repeatable tasks and freeing analysts for ...
CSO Online

Patch now: Attacker finds another zero day in Cisco firewall software

A critical zero-day vulnerability in certain Cisco Systems firewalls has to be patched immediately, US and UK cyber ...