Latest from todayOpinion12 cyber industry trends revealed at RSAC 2026AI dominated an event full of vendor hyperbole, user apprehension, and some meaningful cybersecurity dialogue. Here’s an overview of the state of the industry today.By Jon OltsikApr 3, 20268 minsEventsRSA ConferenceSecurity Practices Opinion Cybersecurity in the age of instant softwareBy Bruce SchneierApr 2, 202610 minsArtificial IntelligencePatch Management SoftwareSecurityFeature 9 ways CISOs can combat AI hallucinationsBy Linda RosencranceApr 1, 20269 minsArtificial IntelligenceComplianceRisk Management NewsCisco fixes critical IMC auth bypass present in many productsBy Lucian Constantin Apr 2, 20264 minsNetwork SecuritySecurityVulnerabilities OpinionSecurity awareness is not a control: Rethinking human risk in enterprise securityBy Oludolamu Onimole Apr 1, 202610 minsApplication SecurityPhishingSocial Engineering News AnalysisAttackers trojanize Axios HTTP library in highest-impact npm supply chain attackBy Lucian Constantin Mar 31, 20267 minsCyberattacksDevSecOpsNode.js OpinionThe external pressures redefining cybersecurity riskBy John Bruggeman Mar 31, 20268 minsIT GovernanceRisk ManagementVendor Management Opinion6 key takeaways from RSA Conference 2026By David Gee Mar 31, 202611 minsCSO and CISOEventsRSA Conference FeatureAPIs are the new perimeter: Here’s how CISOs are securing themBy Bill Doerrfeld Mar 30, 202614 minsAPIsApplication SecurityIdentity and Access Management More security newsnewsSecurity lapse lets researchers view React2Shell hackers’ dashboardThe campaign is stealing credentials from unpatched servers at scale, due to “neglect and efficiency,” says analyst, and the damage 'could be absolute.'By Howard Solomon Apr 3, 2026 5 minsCybercrimeMalwareSecuritynewsA core infrastructure engineer pleads guilty to federal charges in insider attackAnalysts say CISOs and IT leaders can do a better job of preventing such attacks via what should be standard security procedures.By Evan Schuman Apr 3, 2026 3 minsCyberattacksCybercrimeLegalnewsGoogle patches fourth Chrome zero-day so far this yearAt least it has some AI-powered tools to help it find and patch the bugs.By Maxwell Cooter Apr 3, 2026 2 minsBrowser SecurityEndpoint ProtectionVulnerabilitiesnewsInternet Bug Bounty program hits pause on payoutsHackerOne is the latest organization to struggle with AI submissions.By Maxwell Cooter Apr 3, 2026 2 minsBugsOpen SourceVulnerabilitiesnewsClaude Code is still vulnerable to an attack Anthropic has already fixedAnthropic’s source code leak revealed a new way to get Claude Code to do things it doesn’t want to.By Maxwell Cooter Apr 3, 2026 2 minsCode SecurityDevelopment ToolsVulnerabilitiesnewsCERT-EU blames Trivy supply chain attack for Europa.eu data breachAttackers exploited a vulnerability scanner to steal 350GB of data that they then leaked on the dark web.By John E. Dunn Apr 3, 2026 4 minsCloud SecurityCode SecuritySecuritynewsCloudflare’s new CMS is not a WordPress killer, it’s a WordPress alternativeWordPress's massive installed base isn't going anywhere, but many developers and AI agents are not opting for the product for new sites. Will they go for Cloudflare instead?By Evan Schuman Apr 2, 2026 7 minsBusinessEnterpriseInternet SecuritynewsEvilTokens abuses Microsoft device code flow for account takeoversThe phishing-as-a-service toolkit leverages legitimate authentication to capture tokens and access Microsoft 365 services. By Shweta Sharma Apr 2, 2026 4 minsPhishingSecuritySocial EngineeringnewsVim and GNU Emacs: Claude Code helpfully found zero-day exploits for bothA simple prompt sent Claude Code on a mission that uncovered major security vulnerabilities in popular text editors — and then suggested ways to exploit them.By John E. Dunn Apr 1, 2026 4 minsCode EditorsDevelopment ToolsVulnerabilitiesnewsWhatsApp malware campaign uses malicious VBS files to gain persistent accessThe attack chain relies on delayed execution, trusted Windows utilities, and legitimate hosting services to maintain persistence and evade detection.By Shweta Sharma Apr 1, 2026 3 minsCybercrimeMalwareSecurityfeatureEnterprise Spotlight: Setting the 2026 IT agendaDownload the January 2026 issue of the Enterprise Spotlight from the editors of CIO, Computerworld, CSO, InfoWorld, and Network World and learn about the trends and technologies that will drive the IT agenda in the year ahead.By CSO Staff Apr 1, 2026 1 minArtificial IntelligenceEnterprise Buyer’s GuidesIT LeadershipnewsAnthropic employee error exposes Claude Code source A version of the AI coding tool in Anthropic's npm registry included a source map file, which leads to the full proprietary source code.By Howard Solomon Mar 31, 2026 5 minsArtificial IntelligenceData BreachSecurity Show more Show less Video on demand video How Intelligence and AI Are Changing Cyber Defense | Erin Whitmore, Former CIA What if you could stop cyberattacks before they happen? In this episode of Cyber Sessions, host Joan Goodchild sits down with Erin Whitmore, former CIA case officer and current Head of the CYNTURION Group for CYPFER, to discuss how her team uses intelligence and AI to anticipate and prevent attacks before adversaries strike. Whitmore reveals how proactive cybersecurity is blending human intuition, artificial intelligence, and offensive tactics to predict threats — while balancing the line between privacy and protection. By Joan Goodchild Feb 4, 2026 28 minsCyberattacksCybercrime Inside the SMB Threat Landscape: AT&T’s Senthil Ramakrishnan on Why Small Businesses Are Cybercrime’s Favorite Target By Joan Goodchild Jan 13, 2026 23 mins CybercrimeSmall and Medium Business Inside Visa’s Cyber Defense: CISO Subra Kumaraswamy on blending AI and Human Defense By Joan Goodchild Dec 15, 2025 26 mins Application SecurityCSO and CISO CISO Reality: Record Pay, Rising Pressure, and Retention Risk By Joan Goodchild Dec 10, 2025 27 mins CSO and CISOSecurity Infrastructure See all videos Explore a topicGenerative AIApplication SecurityBusiness ContinuityBusiness OperationsCareersCloud SecurityComplianceCritical InfrastructureCybercrimeIdentity and Access ManagementIndustryIT LeadershipNetwork SecurityPhysical SecurityView all topics Spotlight: Setting the 2026 IT agenda Articles Buyer’s Guide Our annual State of the CIO Survey, now in its 25th year, highlights the ongoing evolution of the CIO role from IT operator to strategic business leader. The data is brought to life in conversations with IT leaders about their experience shaping enterprise strategy, enabling business growth, and leading cultural change. State of the CIO illuminates key areas of business and technology investment and this focus provides an ideal opportunity for sponsors to align with the opportunities highlighted by the research. View all Popular topicsGenerative AI featureThe CISO’s guide to responding to shadow AIBy Carrie Pallardy Mar 26, 2026 8 minsArtificial IntelligenceGenerative AISecurity opinionA 5-step approach to taming shadow AIBy Greg Neville Mar 11, 2026 7 minsArtificial IntelligenceGenerative AIRisk Management opinionHow to make LLMs a defensive advantage without creating a new attack surfaceBy Ankit Gupta Feb 27, 2026 9 minsGenerative AISecurity InfrastructureSecurity Operations Center View topic Cybercrime newsEuropean Commission data stolen in a cyberattack on the infrastructure hosting its web sitesBy Howard Solomon Mar 27, 2026 5 minsCloud SecurityCyberattacksCybercrime newsGitHub phishers use fake OpenClaw tokens to drain crypto walletsBy Shweta Sharma Mar 26, 2026 4 minsCybercrimePhishingSocial Engineering newsTrivy supply chain breach compromises over 1,000 SaaS environments, Lapsus$ joins the extortion waveBy Gyana Swain Mar 25, 2026 5 minsCybercrimeMalwareSecurity View topic Careers featureWhat it takes to win that CSO roleBy David Weldon Mar 16, 2026 9 minsC-SuiteCSO and CISOCareers events promotionAnnouncing the 2026 CSO Hall of Fame honoreesBy CSO events Mar 11, 2026 5 minsCareersData and Information SecurityRisk Management featureHow to know you’re a real-deal CSO — and whether that job opening truly seeks oneBy David Weldon Mar 4, 2026 10 minsCSO and CISOCareersIT Leadership View topic IT Leadership feature8 ways to bolster your security posture on the cheapBy John Edwards Mar 31, 2026 7 minsBudgetingIT LeadershipRisk Management opinion8 steps CISOs can take to empower their teamsBy Michael Oberlaender Mar 27, 2026 7 minsCSO and CISOIT LeadershipIT Management opinion5 key priorities for your RSAC 2026 agendaBy David Gee Mar 19, 2026 5 minsEventsIT LeadershipRSA Conference View topic In depth FeatureWho owns your data? SaaS contract security, privacy red flagsCompanies looking to use SaaS solutions should involve the security team in the procurement process and pay attention to contract language.By Andrada FiscuteanMar 27, 202410 mins Data and Information Security Read the Article Podcasts podcastsCyber Sessions with Joan GoodchildCybersecurity is constantly evolving, and so are the leaders who shape it. Hosted by veteran journalist Joan Goodchild, Cyber Sessions brings candid conversations with top CISOs, strategists, and industry influencers. Each episode cuts through the noise to explore the trends, challenges, and leadership insights that define the future of security.6 episodesSecuritySecurity Practices Ep. 06 How Intelligence and AI Are Changing Cyber Defense | Erin Whitmore, Former CIA By Joan Goodchild Jun 28, 202328 mins CyberattacksCybercrime Ep. 06 Inside the SMB Threat Landscape: AT&T’s Senthil Ramakrishnan on Why Small Businesses Are Cybercrime’s Favorite Target By Joan Goodchild Jun 28, 202323 mins CybercrimeSmall and Medium Business Upcoming Events16/Apr in-person event CIO 100 Leadership Live Los Angeles 2026Apr 16, 20268:30 am-4:30 pm (PT)Torrance Marriott Redondo Beach CIOCIO 100CIO Leadership Live 11/May-13/May conference CSO Cybersecurity Awards & Conference US 2026May 11, 2026Loews Nashville Hotel at Vanderbilt Plaza, Nashville, TN CSO and CISOCSO50IT Leadership View all events Show me moreLatestArticlesPodcastsVideos brandpost Sponsored by N-able 7 ways to improve your business resilience with backup and recovery By N-ableApr 1, 20265 mins Security brandpost Sponsored by N-able 5 Steps to break free from alert fatigue and build resilient security operations By N-ableApr 1, 20265 mins Security brandpost Sponsored by N-able 5 essential steps to bulletproof your endpoint security (and avoid the biggest mistakes) By N-ableApr 1, 20265 mins Security podcast CSO Executive Sessions ASEAN: From Compliance to Cyber Resilience-Securing Patient Trust in Southeast Asia’s Hospitals By Estelle QuekFeb 24, 202623 mins CyberattacksCybercrimeRansomware podcast How Intelligence and AI Are Changing Cyber Defense | Erin Whitmore, Former CIA By Joan GoodchildFeb 4, 202628 mins CyberattacksCybercrime podcast Inside the SMB Threat Landscape: AT&T’s Senthil Ramakrishnan on Why Small Businesses Are Cybercrime’s Favorite Target By Joan GoodchildJan 13, 202623 mins CybercrimeSmall and Medium Business video CSO Executive Sessions ASEAN: From Compliance to Cyber Resilience-Securing Patient Trust in Southeast Asia’s Hospitals By Estelle QuekFeb 24, 202623 mins CSO and CISOElectronic Health RecordsRansomware video CSO Executive Sessions ASEAN: The Human Firewall-Retention, AI Readiness, and Women in Cybersecurity By Estelle QuekJan 11, 202628 mins CyberattacksCybercrimeHuman Resources video CSO Executive Sessions Australia with Daisy Wong, Head of Security Awareness at Medibank Dec 14, 202538 mins CSO and CISO