CSO Online

China‑linked PlushDaemon hijacks DNS via ‘EdgeStepper’ to weaponize software updates

A router implant is redirecting DNS traffic to attacker-controlled infrastructure, turning trusted update channels into ...
CSO Online

3 ways CISOs can win over their boards this budget season

To land your budget, show the board the real financial risk, plan past compliance and speak their language — not just ...
CSO Online

Iranian APT hacks helped direct missile strikes in Israel and the Red Sea

Amazon Threat Intel has correlated activity by Iranian threat groups with subsequent missile strikes, and suggests that IT ...
CSO OnlineOpinion

Selling to the CISO: An open letter to the cybersecurity industry

The industry has stopped rewarding what works in favor of what sells. But as security leaders with very real risks on the ...
CSO Online

WhatsApp flaw allowed discovery of the 3.5 billion mobile numbers registered to the platform

Researchers have uncovered a WhatsApp privacy flaw that allowed them to discover the 3.5 billion mobile numbers using the app ...
CSO Online

The Future of Cybersecurity Leadership: AI, Governance & Education | Kevin Powers, Boston College

How is cybersecurity education changing — and what skills do tomorrow’s security leaders really need? In this episode of ...
CSO Online

Behind the firewall: The hidden struggles of cyber professionals with a disability

Three cybersecurity professionals share how they’ve navigated bias, built resilience, and found belonging in an industry ...
CSO Online

Overcome the myriad challenges of password management to bolster data protection

This leaves businesses facing a number of challenges around password management. These include SSO (single sign on) ...
CSO Online

Fortinet’s silent patch sparks alarm as a critical FortiWeb flaw is exploited in the wild

Researchers say the flaw, affecting thousands of internet-facing FortiWeb instances, was exploited long before Fortinet ...
CSO Online

Rethinking identity for the AI era: CISOs must build trust at machine speed

Human-centered identity systems were never designed for the coming wave of autonomous AI agents. CISOs face a reckoning over ...
CSO Online

Azure blocks record 15 Tbps DDoS attack as IoT botnets gain new firepower

Microsoft says the attack, sourced from more than 500,000 compromised IPs, exposes deep weaknesses in home IoT and raises ...
CSO Online

More work for admins as Google patches latest zero-day Chrome vulnerability

Chrome has suffered two other confirmed zero days in the V8 engine in 2025, from a tally of seven across Chrome as a whole.