CSO Online

Vaillant CISO: NIS2 complexity and lack of clarity endanger its mission

Raphael Reiß, CISO at EU HVAC giant Vaillant Group, explains what cyber challenges his industry faces, including how to ...
CSO Online

Offensive security takes center stage in the AI era

A growing percentage of CISOs see OffSec as a must-have for improving their overall security posture — especially as AI cyber ...
CSO Online

Chinese cyberspies target VMware vSphere for long-term persistence

CISA and the NSA warn that Chinese state-sponsored attackers are deploying malware dubbed BRICKSTORM on VMware servers to ...
CSO Online

AI in CI/CD pipelines can be tricked into behaving badly

Malicious content in issues or pull requests can trick AI agents in CI/CD workflows into running privileged commands in an ...
CSO Online

Warning: React2Shell vulnerability already being exploited by threat actors

It has been seen spreading cryptojacking malware and in attempts to steal cloud credentials from compromised machines.
CSO Online

15 years in, zero trust remains elusive — with AI rising to complicate the challenge

Technology rethink urged as enterprises still struggle to achieve the full benefits of zero trust access control.
CSO Online

Hardening browser security with zero-trust controls

Modern attacks hit the browser first, so zero trust flips the script — verify identity, check the device and lock down each ...
CSO Online

Insecure use of Signal app part of wider Department of Defense problem, suggests Senate report

The Signalgate scandal that enveloped US Secretary of Defense Pete Hegseth in March appears to be symptomatic of a wider lax ...
CSO Online

AI creates new security risks for OT networks, warns NSA

Although intended for OT administrators, new multi-agency AI guidelines raise issues that apply across IT networks as well.
CSO OnlineOpinion

Avoiding the next technical debt: Building AI governance before it breaks

AI is moving fast, but without early guardrails, it’ll cause the same messy debt we faced with cloud and APIs.
CSO Online

Cloudflare firewall reacts badly to React exploit mitigation

That vulnerability, tracked as CVE-2025-55182, enables attackers to remotely execute code on web servers running the React 19 ...
CSO Online

Key questions CISOs must ask before adopting AI-enabled cyber solutions

From assessing your organizational risk tolerance to vetting the vendor’s long-term viability, AI-powered capabilities ...