CSO Online2d
Big hole in big data: Critical deserialization bug in Apache Parquet allows RCE
Successful exploitation could allow attackers to steal data, install malware, or take full control over affected big data ...
CSO Online2d
Royal Mail investigates data leak
Several gigabytes of sensitive customer data have surfaced on the darknet, allegedly from the British postal service Royal ...
CSO Online2d
AI programming copilots are worsening code security and leaking more secrets
Copilot-enabled repos are 40% more likely to contain API keys, passwords, or tokens — just one of several issues security ...
CSO Online1d
Trump fires NSA and Cybercom chief, jeopardizing cyber intel
Lawmakers fear the firing of Gen. Timothy Haugh will lead to a loss of critical intelligence at a time when cyber threats ...
CSO Online1d
Ivanti warns customers of new critical flaw exploited in the wild
Chinese APT group UNC5221 appears to have studied a recent Ivanti Connect Secure patch to develop a remote code execution ...
CSO Online4d
Threat-informed defense for operational technology: Moving from information to action
More than ever, cybercriminal networks are now operating like legitimate businesses. In response, organizations must adopt a ...
CSO Online4d
10 best practices for vulnerability management according to CISOs
After years of neglect, organizations are investing in vulnerability management programs to address business risk. A dozen ...
CSO Online3d
Oracle quietly admits data breach, days after lawsuit accused it of cover-up
A lawsuit filed Monday accused Oracle of failing to acknowledge a recent data breach — but the company has reportedly since ...
CSO Online3d
AI disinformation didn’t upend 2024 elections, but the threat is very real
The next phase of AI disinformation won’t just target voters but target organizations, supply chains, and critical ...
CSO Online2d
Too little budget for OT security despite rising threats
According to a recent study, many organizations still invest too little in protecting their operational technology (OT).
CSO Online4d
Google fixes GCP flaw that could expose sensitive container images
The flaw could allow attackers to access restricted container images, potentially leading to privilege escalation, data theft ...
CSO Online2d
Surge in threat actors scanning Juniper, Cisco, and Palo Alto Networks devices
A surge in internet probes targeting devices from Juniper Networks, Cisco Systems, and Palo Alto Networks should put their ...