[go: up one dir, main page]

Americas

Asia

Europe

Oceania

  • Australia
Popular Topics

Topics

About

Policies

Our Network

More

Latest from today

News
Image

North Korean hackers abuse LNKs and GitHub repos in ongoing campaign

The multi-stage campaign targeting South Korea uses weaponized Windows shortcuts and GitHub-based command-and-control to evade detection.

By Shweta Sharma
4 mins
CyberattacksCybercrimeSecurity
Opinion
Image

Authentication is broken: Here’s how security leaders can actually fix it

By Bhanu Handa
9 mins
Access ControlAuthenticationIdentity and Access Management
Feature
Image

6 ways attackers abuse AI services to hack your business

By John Leyden
7 mins
Artificial IntelligenceCyberattacksCybercrime
Opinion

Escaping the COTS trap

By Anant Wairagade
9 mins
Artificial IntelligenceEnterprise ArchitectureSecurity Software
News

Security lapse lets researchers view React2Shell hackers’ dashboard

By Howard Solomon
5 mins
CybercrimeMalwareSecurity
News

A core infrastructure engineer pleads guilty to federal charges in insider attack

By Evan Schuman
3 mins
CyberattacksCybercrimeLegal
News

Google patches fourth Chrome zero-day so far this year

By Maxwell Cooter
2 mins
Browser SecurityEndpoint ProtectionVulnerabilities
News

Internet Bug Bounty program hits pause on payouts

By Maxwell Cooter
2 mins
BugsOpen SourceVulnerabilities
News

Claude Code is still vulnerable to an attack Anthropic has already fixed

By Maxwell Cooter
2 mins
Code SecurityDevelopment ToolsVulnerabilities

More security news

news

CERT-EU blames Trivy supply chain attack for Europa.eu data breach

Attackers exploited a vulnerability scanner to steal 350GB of data that they then leaked on the dark web.

By John E. Dunn
4 Apr 2026 4 mins
Cloud SecurityCode SecuritySecurity
news

Cloudflare’s new CMS is not a WordPress killer, it’s a WordPress alternative

WordPress's massive installed base isn't going anywhere, but many developers and AI agents are not opting for the product for new sites. Will they go for Cloudflare instead?

By Evan Schuman
3 Apr 2026 7 mins
BusinessEnterpriseInternet Security
news

Cisco fixes critical IMC auth bypass present in many products

The Integrated Management Controller (IMC) flaw gives attackers admin access and remote control over servers even when main OS is shut down.

By Lucian Constantin
3 Apr 2026 4 mins
Network SecuritySecurityVulnerabilities
news

EvilTokens abuses Microsoft device code flow for account takeovers

The phishing-as-a-service toolkit leverages legitimate authentication to capture tokens and access Microsoft 365 services.

By Shweta Sharma
2 Apr 2026 4 mins
PhishingSecuritySocial Engineering
news

Vim and GNU Emacs: Claude Code helpfully found zero-day exploits for both

A simple prompt sent Claude Code on a mission that uncovered major security vulnerabilities in popular text editors — and then suggested ways to exploit them.

By John E. Dunn
2 Apr 2026 4 mins
Code EditorsDevelopment ToolsVulnerabilities
news

WhatsApp malware campaign uses malicious VBS files to gain persistent access

The attack chain relies on delayed execution, trusted Windows utilities, and legitimate hosting services to maintain persistence and evade detection.

By Shweta Sharma
1 Apr 2026 3 mins
CybercrimeMalwareSecurity
news

Anthropic employee error exposes Claude Code source

A version of the AI coding tool in Anthropic's npm registry included a source map file, which leads to the full proprietary source code.

By Howard Solomon
1 Apr 2026 5 mins
Artificial IntelligenceData BreachSecurity
news analysis

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how quickly a compromised package can propagate through the ecosystem.

By Lucian Constantin
1 Apr 2026 7 mins
CyberattacksDevSecOpsNode.js
news

5-month-old F5 BIG-IP DoS bug becomes critical RCE exploited in the wild

Reclassified as a remote code execution flaw, the F5 BIG-IP APM vulnerability has been upgraded to CVSS 9.8, requiring immediate patching and compromise assessment.

By Lucian Constantin
1 Apr 2026 4 mins
SecurityVulnerabilities
news

OpenAI patches twin leaks as Codex slips and ChatGPT spills

Command injection in Codex and a hidden outbound channel in ChatGPT exposed risks of credential theft and covert data exfiltration.

By Shweta Sharma
31 Mar 2026 4 mins
Artificial IntelligenceSecurityVulnerabilities
news

Fortinet hit by another exploited cybersecurity flaw

A critical SQL injection flaw in FortiClient EMS allows remote code execution and data exfiltration, leaving thousands of internet facing systems at risk.

By Taryn Plumb
31 Mar 2026 5 mins
SecurityVulnerabilities
news

LangChain path traversal bug adds to input validation woes in AI pipelines

The path traversal flaw, allowing access to arbitrary files, adds to a growing set of input validation issues in AI pipelines.

By Shweta Sharma
30 Mar 2026 4 mins
SecurityVulnerabilities

Explore a topic

Hear from the Experts

Feature

What CISOs need to know about the OpenClaw security nightmare

Clawdbot, I mean, Moltbot, I mean, OpenClaw may be an immediate cybersecurity nightmare for enterprises, so here are its dangers and what to consider to prevent inadvertent access to company’s data or how to experiment with it in a controlled environment — if you dare to.

By Maria Korolov
12 Feb 202612 mins
Artificial IntelligenceData and Information SecurityGenerative AI
Robots, Laptpops, AI Crawler

Spotlight: Setting the 2026 IT agenda

Articles Buyer’s Guide

Our annual State of the CIO Survey, now in its 25th year, highlights the ongoing evolution of the CIO role from IT operator to strategic business leader. The data is brought to life in conversations with IT leaders about their experience shaping enterprise strategy, enabling business growth, and leading cultural change. State of the CIO illuminates key areas of business and technology investment and this focus provides an ideal opportunity for sponsors to align with the opportunities highlighted by the research.

View all

Popular topics

IT Leadership

opinion
Image

12 cyber industry trends revealed at RSAC 2026

By Jon Oltsik
3 Apr 2026 8 mins
EventsRSA ConferenceSecurity Practices
feature

Enterprise Spotlight: Setting the 2026 IT agenda

By CSO Staff
1 Apr 2026 1 min
Artificial IntelligenceEnterprise Buyer’s GuidesIT Leadership
feature

8 ways to bolster your security posture on the cheap

By John Edwards
31 Mar 2026 7 mins
BudgetingIT LeadershipRisk Management
View topic

Generative AI

feature
Image

The CISO’s guide to responding to shadow AI

By Carrie Pallardy
27 Mar 2026 8 mins
Artificial IntelligenceGenerative AISecurity
opinion

A 5-step approach to taming shadow AI

By Greg Neville
11 Mar 2026 7 mins
Artificial IntelligenceGenerative AIRisk Management
opinion

How to make LLMs a defensive advantage without creating a new attack surface

By Ankit Gupta
27 Feb 2026 9 mins
Generative AISecurity InfrastructureSecurity Operations Center
View topic

Careers

feature
Image

What it takes to win that CSO role

By David Weldon
16 Mar 2026 9 mins
C-SuiteCSO and CISOCareers
events promotion

Announcing the 2026 CSO Hall of Fame honorees

By CSO events
11 Mar 2026 5 mins
CareersData and Information SecurityRisk Management
feature

How to know you’re a real-deal CSO — and whether that job opening truly seeks one

By David Weldon
4 Mar 2026 10 mins
CSO and CISOCareersIT Leadership
View topic

Upcoming Events

Apr/16
Image
in-person event

CIO 100 Leadership Live Los Angeles 2026

16 Apr 20268:30 am-4:30 pm (PT)Torrance Marriott Redondo Beach
CIOCIO 100CIO Leadership Live
Apr/28
Image
in-person event

CIO 100 Leadership Live Singapore

28 Apr 2026Singapore
IT Leadership
May/11-May/13
Image
conference

CSO Cybersecurity Awards & Conference US 2026

11 May 2026Loews Nashville Hotel at Vanderbilt Plaza, Nashville, TN
CSO and CISOCSO50IT Leadership
View all events

Show me more

opinion

Cybersecurity in the age of instant software

By Bruce Schneier
10 mins
Artificial IntelligencePatch Management SoftwareSecurity
Image
brandpost Sponsored by N-able

7 ways to improve your business resilience with backup and recovery

By N-able
5 mins
Security
Image
brandpost Sponsored by N-able

5 Steps to break free from alert fatigue and build resilient security operations

By N-able
5 mins
Security
Image
podcast

CSO Executive Sessions ASEAN: From Compliance to Cyber Resilience-Securing Patient Trust in Southeast Asia’s Hospitals

By Estelle Quek
23 mins
CyberattacksCybercrimeRansomware
Image
podcast

How Intelligence and AI Are Changing Cyber Defense | Erin Whitmore, Former CIA

By Joan Goodchild
28 mins
CyberattacksCybercrime
Image
podcast

Inside the SMB Threat Landscape: AT&T’s Senthil Ramakrishnan on Why Small Businesses Are Cybercrime’s Favorite Target

By Joan Goodchild
23 mins
CybercrimeSmall and Medium Business
Image
video

CSO Executive Sessions ASEAN: From Compliance to Cyber Resilience-Securing Patient Trust in Southeast Asia’s Hospitals

By Estelle Quek
23 mins
CSO and CISOElectronic Health RecordsRansomware
Image
video

How Intelligence and AI Are Changing Cyber Defense | Erin Whitmore, Former CIA

By Joan Goodchild
28 mins
CyberattacksCybercrime
Image
video

Inside the SMB Threat Landscape: AT&T’s Senthil Ramakrishnan on Why Small Businesses Are Cybercrime’s Favorite Target

By Joan Goodchild
23 mins
CybercrimeSmall and Medium Business
Image