CSO Online

JPMorgan, Citi, Morgan Stanley assess fallout from SitusAMC data breach

The breach underscores growing third-party cyber risks in financial services, with vendor-related incidents up 15% ...
CSO Online

Oracle OIM zero‑day: Pre‑auth RCE forces rapid patching across enterprises

The critical pre-authentication RCE flaw is added to CISA’s KEV catalog, with a warning for federal civilian agencies to ...
CSO Online

Invisible battles: How cybersecurity work erodes mental health in silence and what we can do about it

Cyber pros are burning out in the shadows, proving you can’t secure the business if you don’t take care of the humans behind ...
CSO Online

What keeps CISOs awake at night — and why Zurich might hold the cure

At Zurich’s recent cyber conference, CISOs swapped war stories about shrinking patch windows, AI threats and burnout — and ...
CSO Online

The CISO’s greatest risk? Department leaders quitting

A security exec’s job is not just to manage cyber risk. Protecting personnel from burnout, championing cyber’s business value ...
CSO Online

New Shai-Hulud worm spreading through npm, GitHub

The latest version also executes malicious code during the preinstall phase, and is bigger and faster than the first wave, ...
CSO Online

FCC reversal removes federal cyber safeguards targeting telecom weaknesses post-Salt Typhoon attacks

Security leaders call the rollback ‘shockingly incompetent,’ warning it removes critical controls implemented after one of ...
CSO OnlineOpinion

Selling to the CISO: An open letter to the cybersecurity industry

The industry has stopped rewarding what works in favor of what sells. But as security leaders with very real risks on the ...
CSO Online

WhatsApp flaw allowed discovery of the 3.5 billion mobile numbers registered to the platform

Researchers have uncovered a WhatsApp privacy flaw that allowed them to discover the 3.5 billion mobile numbers using the app ...
CSO Online

Ransomware gangs seize a new hostage: your AWS S3 buckets

Researchers warn that attackers are moving beyond on-prem systems and now using AWS’s own encryption and key management ...
CSO Online

Rethinking identity for the AI era: CISOs must build trust at machine speed

Human-centered identity systems were never designed for the coming wave of autonomous AI agents. CISOs face a reckoning over ...
CSO Online

The nexus of risk and intelligence: How vulnerability-informed hunting uncovers what everything else misses

When you treat vulnerabilities as clues instead of chores, you uncover threats, fix blind spots and finally make your ...