CSO Online

SonicWall data breach affects all cloud backup customers

September, SonicWall reported a security incident in its cloud backup service. It’s now clear that all customers are affected.
CSO OnlineOpinion

The CIA triad is dead — stop using a Cold War relic to fight 21st century threats

The world has shifted, and our cybersecurity models must shift, too. We need a model that is layered, contextual, and built ...
CSO Online

FBI seizes BreachForums servers as threatened Salesforce data release deadline approaches

Only days ago, a message on the BreachForums extortion site threatened to leak one billion records allegedly stolen from the ...
CSO Online

Open-source DFIR Velociraptor was abused in expanding ransomware efforts

China-based threat actors abused outdated Velociraptor to maintain persistence and help deploy Warlock, LockBit, and Babuk ...
CSO Online

Apple bumps RCE bug bounties to $2M to counter commercial spyware vendors

We’re doubling our top award to $2 million for exploit chains that can achieve similar goals as sophisticated mercenary ...
CSO Online

LockBit, DragonForce, and Qilin form a ‘cartel’ to dictate ransomware market conditions

The FBI did not immediately respond to a request for comment.
CSO Online

Homeland Security’s reassignment of CISA staff leaves US networks exposed

As the DHS moves some CISA staff to immigration and border roles, experts warn of slower threat detection, delayed advisories ...
CSO Online

ClayRat spyware turns phones into distribution hubs via SMS and Telegram

The fast-evolving Android RAT spreads by impersonating popular apps and exploiting contact trust to propagate malicious links ...
CSO Online

Unplug Gemini from email and calendars, says cybersecurity firm

The warning comes after the discovery that some AI agents, including Gemini, are vulnerable to ASCII Smuggling attacks.
CSO Online

GitHub Copilot prompt injection flaw leaked sensitive data from private repos

Hidden comments in pull requests analyzed by Copilot Chat leaked AWS keys from users’ private repositories, demonstrating yet ...
CSO Online

Google DeepMind launches an AI agent to fix code vulnerabilities automatically

CodeMender aims to help developers keep pace with AI-powered vulnerability discovery by automatically patching security flaws ...
CSO Online

Autonomous AI hacking and the future of cybersecurity

AI agents are automating key parts of the attack chain, threatening to tip the scales completely in favor of cyber attackers ...