CSO Online

Google Vertex AI security permissions could amplify insider threats

A new way to escalate privileges inside Google’s Vertex AI highlights a broader problem: Enterprises have a level of trust in ...
CSO Online

Modular DS bug hands hackers instant WordPress admin access

Security researchers confirmed in-the-wild exploitations of the mx-severity flaw, allowing unauthenticated actors gain full ...
CSO Online

Cisco finally patches seven-week-old zero-day flaw in Secure Email Gateway products

Chinese hackers are behind attacks on AsyncOS Software that allow complete takeover of the appliance, the company says.
CSO Online

Insider risk in an age of workforce volatility

Economic pressure, AI displacement, and organizational churn are conflating to create the conditions for heightened insider ...
CSO Online

CISOs’ top 10 cybersecurity priorities for 2026

AI’s ongoing rise — both as a threat and a means for defense — is reshaping security execs’ agendas, which also include added ...
CSO Online

Top 10 vendors for AI-enabled security — according to CISOs

Weighing innovation, reputation, business value, cost, integration overhead, and peer use, among other criteria, CISOs list ...
CSO Online

Possible software supply chain attack through AWS CodeBuild service blunted

Wiz researchers investigated and found the core of the flaw, a threat actor ID bypass due to unanchored regexes, and notified ...
CSO Online

Cybersecurity risk will accelerate this year, fueled in part by AI, says World Economic Forum

Its annual cybersecurity outlook says cyber resilience is key to lowering that risk, with AI the most significant driver of ...
CSO Online

US cybersecurity weakened by congressional delays despite Plankey renomination

Sean Plankey’s renomination as CISA director offers some relief, but stalled legislation on cyber threat information sharing ...
CSO Online

January 2026 Microsoft Patch Tuesday: Actively exploited zero day needs attention

Eight critical vulnerabilities and an actively exploited zero day highlight Microsoft’s first Patch Tuesday announcements for ...
CSO Online

Output from vibe coding tools prone to critical security flaws, study finds

The assessment, which it conducted in December 2025, compared five of the best-known vibe coding tools — Claude Code, OpenAI ...
CSO Online

Palo Alto Networks patches firewalls after discovery of a new denial-of-service flaw

A previous virtually identical zero day DoS vulnerability was targeted in the wild, and there's already a PoC for this one.