News

CSO Online1d

FIDO authentication undermined

The FIDO standard is generally regarded as secure and user-friendly. It is used for passwordless authentication and is ...
CSO Online2d

Caught in the cyber crosshairs: A candy manufacturer’s 2025 ransomware ordeal

A few clicks nearly melted 150 years of chocolate-making — proof that in today’s supply chains, cyber threats can be deadly.
CSO Online4d

Silicon under siege: Nation-state hackers target semiconductor supply chains

As semiconductors become central to national security and economic power, cyberattacks have evolved into long-term ...
CSO Online4d

Hackers exploit unpatched Erlang/OTP to crack OT firewalls

A max-severity RCE vulnerability in Erlang’s OTP SSH daemon, CVE-2025-32433, was actively exploited in OT networks across six ...
CSO Online3d

Flaws in a pair of Grafana plugins could hand over DevOps control

Users must configure updated settings in SQLite and Infinity plugins to defend against attackers gaining admin privileges on ...
CSO Online5d

Citrix NetScaler flaw likely has global impact

A critical memory overflow bug in Citrix NetScaler devices is enabling remote code execution and DDoS attacks initially ...
CSO Online5d

August Patch Tuesday: Authentication hole in Windows Server 2025 now has a fix

Microsoft has assessed the vulnerability in Windows Server 2025 ( CVE-2025-53779 ) as “Exploitation Less Likely,” because an ...
CSO Online5d

GPT-5 jailbroken hours after launch using ‘Echo Chamber’ and Storytelling exploit

NeuralTrust says GPT-5 was jailbroken within hours of launch using a blend of ‘Echo Chamber’ and storytelling tactics that ...
CSO Online6d

‘Win-DDoS’: Researchers unveil botnet technique exploiting Windows domain controllers

SafeBreach researchers demonstrate how attackers can crash Windows domain controllers and build a botnet using ...
CSO Online5d

5 key takeaways from Black Hat USA 2025

The industry’s biggest annual get together offers CISOs insights into security researcher’s latest findings. From cloud ...
CSO Online3d

Russian APT group Curly COMrades employs novel backdoor and persistence tricks

A newly identified group launched attacks against key organizations in Georgia and Moldova using a custom backdoor program ...
CSO Online4d

New ransomware ‘Charon’ uses DLL sideloading to breach critical infrastructure

Charon uses encrypted payloads and trusted binaries to bypass EDR defenses, marking a shift toward stealthier, more ...