News

CSO Online31m
FIN6 exploits HR workflows to breach corporate defenses
FIN6’s latest campaign combines professional rapport-building with cloud-hosted malware delivery to target sensitive HR ...
CSO Online5h
Smaller organizations nearing cybersecurity breaking point
Strained budgets, overstretched teams, and a rise in sophisticated threats is leading to plummeting security confidence among ...
CSO Online10h
Nominations now open for the CSO30 ASEAN Awards 2025
CSO ASEAN is pleased to launch the CSO30 ASEAN Awards 2025, recognizing the top 30 senior cybersecurity leaders and teams ...
CSO Online17h
June Patch Tuesday advice for CSOs: Defense-in-depth needed to stop RCEs
CVE-2025-47172 , a remote code execution vulnerability in Microsoft SharePoint Server. With a CVSS score of 8.8, he said this ...
CSO Online21h
The critical role that partnerships play in shrinking the cyber skills gap
Much like the threat landscape that defenders must navigate daily, developing a sustainable cybersecurity talent pipeline ...
CSO Online23h
Forgotten patches: The silent killer
Blame often falls on individuals when systems go unpatched. But more often, it reflects a process failure. A silent patch ...
CSO Online1d
China-linked hackers target cybersecurity firms, governments in global espionage campaign
PurpleHaze and ShadowPad campaigns targeted over 70 organizations globally, including government and critical infrastructure ...
CSO Online1d
Mirai botnet weaponizes PoC to exploit Wazuh open-source XDR flaw
Popular for monitoring Docker containers, Wazuh is being exploited by two Mirai botnet variants — one of which aligns closely ...
CSO Online2d
New npm threats can erase production systems with a single request
The packages carry backdoors that first collect environment information and then delete entire application directories.
CSO Online1d
Is attacker laziness enabled by genAI shortcuts making them easier to catch?
An OpenAI report details a variety of techniques that the model maker is deploying against various attack methods, especially ...
CSO Online2d
Russia-linked PathWiper malware hits Ukrainian infrastructure
A destructive new malware, dubbed PathWiper, has struck Ukraine’s critical infrastructure, erasing data and disabling ...
CSO Online2d
Trump takes aim at Biden’s cyber executive order but leaves it largely untouched
A new Trump executive order revises Biden’s last cyber EO to eliminate significant sections on digital IDs and secure ...