CSO Online2d
Big hole in big data: Critical deserialization bug in Apache Parquet allows RCE
Successful exploitation could allow attackers to steal data, install malware, or take full control over affected big data ...
CSO Online2d
AI programming copilots are worsening code security and leaking more secrets
Copilot-enabled repos are 40% more likely to contain API keys, passwords, or tokens — just one of several issues security ...
CSO Online2d
Royal Mail investigates data leak
Several gigabytes of sensitive customer data have surfaced on the darknet, allegedly from the British postal service Royal ...
CSO Online2d
Trump fires NSA and Cybercom chief, jeopardizing cyber intel
Lawmakers fear the firing of Gen. Timothy Haugh will lead to a loss of critical intelligence at a time when cyber threats ...
CSO Online1d
Ivanti warns customers of new critical flaw exploited in the wild
Chinese APT group UNC5221 appears to have studied a recent Ivanti Connect Secure patch to develop a remote code execution ...
CSO Online4d
The urgent reality of machine identity security in 2025
Here, we’ll explore the growth of machine identities, the associated risks, and the strategies organizations can adopt to ...
CSO Online3d
AI disinformation didn’t upend 2024 elections, but the threat is very real
The next phase of AI disinformation won’t just target voters but target organizations, supply chains, and critical ...
CSO Online3d
Oracle quietly admits data breach, days after lawsuit accused it of cover-up
A lawsuit filed Monday accused Oracle of failing to acknowledge a recent data breach — but the company has reportedly since ...
CSO Online2d
Too little budget for OT security despite rising threats
According to a recent study, many organizations still invest too little in protecting their operational technology (OT).
CSO Online4d
How CISOs can use identity to advance zero trust
This post aims to provide security leaders with the essential insights needed to actively engage in identity-related ...
CSO Online2d
Surge in threat actors scanning Juniper, Cisco, and Palo Alto Networks devices
A surge in internet probes targeting devices from Juniper Networks, Cisco Systems, and Palo Alto Networks should put their ...
CSO Online4d
Threat-informed defense for operational technology: Moving from information to action
More than ever, cybercriminal networks are now operating like legitimate businesses. In response, organizations must adopt a ...