News

CSO Online
csoonline.com > article > 4197499 > npm-ecosystem-hit-with-two-new-supply-chain-compromises.html

NPM ecosystem hit with two new supply chain compromises

1+ day, 14+ hour ago  (493+ words) Attacks targeting developer ecosystems are increasing in frequency and sophistication, with Node.js developers firmly in this week’s crosshairs, as multiple npm packages belonging to the open-source AsyncAPI and Jscrambler Code Integrity were poisoned with malware following compromised development credentials....

CSO Online
csoonline.com > article > 4197184 > new-windows-bind-link-techniques-let-attackers-evade-edr-security-controls.html

New Windows Bind Link techniques let attackers evade EDR, security controls

9+ hour, 13+ min ago  (524+ words) Attackers who already have administrator privileges on a Windows machine have newer ways to slip past endpoint security without exploiting a vulnerable driver or modifying trusted binaries. Bitdefender researchers have warned against three techniques that abuse Windows Bind Links, a…...

CSO Online
csoonline.com > article > 4197325 > new-bugs-in-claude-for-chrome-allow-extensions-to-abuse-ai-privileges.html

New bugs in Claude for Chrome allow extensions to abuse AI privileges

11+ hour, 57+ min ago  (366+ words) Two vulnerabilities found in Anthropic’s Claude for Chrome extension remain exploitable months after they were reported to the company, a research by Manifold Security noted. According to the researchers, the flaws can allow a malicious browser extension to trigger Claude…...

CSO Online
csoonline.com > article > 4196827 > when-80000-fans-log-on-at-once-the-2026-world-cups-unique-cybersecurity-issues.html

When 80,000 fans log on at once: The 2026 World Cup's unique cybersecurity issues

19+ hour, 49+ min ago  (472+ words) With the World Cup in full swing, stadiums across North America are currently accommodating thousands of fans every match day. That said, the stadiums’ biggest security challenge isn’t of a physical nature. In this article, we’ll examine the World Cup…...

CSO Online
csoonline.com > article > 4196818 > cybersecurity-needs-more-prevention-and-less-reliance-on-cure.html

Cybersecurity needs more prevention and less reliance on cure

5+ day, 12+ hour ago  (722+ words) Ask any medical doctor, and they’ll tell you that prevention is better than cure. It’s more cost-effective and it has better outcomes. The same is true in cybersecurity. But we believe that our industry has veered too far away from…...

CSO Online
csoonline.com > article > 4196940 > patch-tuesday-roundup-microsoft-fixes-a-monthly-record-569-holes-sap-patches-a-critical-memory-corruption-bug.html

Patch Tuesday roundup: Microsoft fixes a monthly record 569 holes; SAP patches a critical memory corruption bug

1+ day, 12+ hour ago  (808+ words) Earlier this month Microsoft warned that, because the latest AI models can now help discover vulnerabilities, CSOs will see a higher volume of security updates every month. It wasn’t kidding. Today the company issued a record number of patches, with…...

CSO Online
csoonline.com > article > 4196646 > phishing-for-dummies-forg365-lowers-barrier-to-m365-account-takeovers.html

Phishing for dummies: Forg365 lowers barrier to M365 account takeovers

1+ day, 12+ hour ago  (639+ words) A newly documented phishing-as-a-service platform distributed through Telegram is lowering the technical barrier to Microsoft 365 account takeovers by giving less-skilled attackers automated tools to evade some authentication controls and retain access after compromise. Forg365 was offered with a five-day free trial,…...

CSO Online
csoonline.com > article > 4196447 > governments-to-enterprises-improve-your-router-security-hygiene.html

Governments to enterprises: Improve your router security hygiene

1+ day, 21+ hour ago  (631+ words) Global security agencies say enterprises must clean up their act as Russian government-sponsored attackers exploit weaknesses in routers. They then transfer configuration files to servers they control. These files, containing plaintext or weakly-encoded information like credentials, or details about the…...

CSO Online
csoonline.com > in > vendors-and-providers

Vendors and Providers

11+ mon, 3+ day ago  (286+ words) | News, how-tos, features, reviews, and videos With AI and generative AI capabilities on the rise, a shift toward consolidation and platforms over point solutions is redefining the IT security market — as well as its leading vendors. With the two new…...

CSO Online
csoonline.com > article > 571939 > sase-in-the-spotlight-as-businesses-prioritize-edge-network-security.html

SASE in the spotlight as businesses prioritize edge network security

2+ day, 11+ hour ago  (547+ words) Michael Hill is the UK editor of CSO Online. He has spent the past five-plus years covering various aspects of the cybersecurity industry, with particular interest in the ever-evolving role of the human-related elements of information security. A keen storyteller…...