News

CSO Online

New Rowhammer technique against DDR5 achieves privilege escalation

By reverse-engineering the Target Row Refresh (TRR) mechanisms that have thus far protected DDR5 RAM against bit flips, ...
CSO Online

WatchGuard patches ‘critical’ VPN flaw in firewalls that could lead to compromise

WatchGuard has patched a dangerous branch office and mobile VPN configuration vulnerability affecting nearly three dozen ...
CSO Online

Palo Alto Networks acknowledges browser malware risks, validating SquareX’s LMR attack findings

After more than a year of flagging evasive browser-based attacks, SquareX gets validation as Palo Alto Networks acknowledges ...
CSO Online

Meet ShadowLeak: ‘Impossible to detect’ data theft using AI

Radware has created a zero-click indirect prompt injection technique that could bypass ChatGPT to trick OpenAI servers into ...
CSO Online

AI is altering entry-level cyber hiring — and the nature of the skills gap

To build a stronger future workforce, CISOs need to prioritize problem-solving over existing technical knowledge, while ...
CSO Online

Where CISOs need to see Splunk go next

Splunk’s latest .Conf focused on machine data, federation, resiliency, and easing the cybersecurity burden. That’s a good ...
CSO Online

5 steps for deploying agentic AI red teaming

Agentic AI functions like an autonomous operator rather than a system that is why it is important to stress test it with ...
CSO Online

CrowdStrike bets big on agentic AI with new offerings after $290M Onum buy

At its Fal.Con conference, the cybersecurity giant launched its Agentic Security Platform and Agentic Security Workforce, ...
CSO Online

Check Point acquires Lakera to build a unified AI security stack

The acquisition brings runtime protection, continuous red teaming, and multilingual defenses into Check Point’s Infinity ...
CSO Online

Apple patches critical zero-day in ImageIO amid reports of targeted exploits

With no workaround available, Apple advises all users to install iOS 16.7.12 and iPadOS 16.7.12 without delay.
CSO Online

CobaltStrike’s AI-native successor, ‘Villager,’ makes hacking too easy

The new AI-native framework, freely available online, could make advanced cyberattacks faster, easier, and more accessible ...
CSO Online

Microsoft and Cloudflare execute ‘rugpull’ on massive phishing empire

The global operation dismantled a Nigerian-led criminal service that generated hundreds of millions of malicious emails ...