CSO Online

Security agencies draw red lines around agentic AI deployments

CISA and international cyber authorities are pushing for least privilege, continuous auditing, and cautious rollout ...
CSO Online

Anthropic Mythos spurs White House to weigh pre-release reviews for high-risk AI models

As Anthropic’s Mythos model raises alarms over AI-enabled cyberattacks, the White House is reconsidering an oversight ...
CSO Online

The fake IT worker problem CISOs can’t ignore

Fake IT workers are using AI to fabricate resumes, defeat interviews, and secure remote access to corporate systems. It will ...
CSO Online

How CISOs should utilize data security posture management to inform risk

CISOs can take a step toward a “risk-first” mindset by adjusting their use of these tools from exception handling to risk ...
CSO Online

SAP npm package attack highlights risks in developer tools and CI/CD pipelines

Researchers say the campaign targeted developer credentials and cloud secrets while abusing trusted publishing and AI coding ...
CSO Online

Dismantle implicit trust in OT networks, CISA tells critical infrastructure operators

The US Cybersecurity and Infrastructure Security Agency (CISA) has asked owners and operators of operational technology to ...
CSO Online

Stopping AiTM attacks: The defenses that actually work after authentication succeeds

AiTM attacks don't steal passwords; they copy the result of a real login. You need to watch what happens after the user logs ...
CSO Online

AI agents can bypass guardrails and put credentials at risk, Okta study finds

An AI agent that revealed sensitive data without being asked. An agent that overruled its own guardrails. Another that sent ...
CSO Online

AWS leans on prior ingenuity to face future AI and quantum threats

Amazon Web Services has launched numerous security innovations in its first two decades. Three in particular will play key ...
CSO Online

ODNI to CISOs on threat assessments: You’re on your own

The 2026 Annual Threat Assessment from the ODNI marks a departure from systemic state-actor tracking, signaling that the ...
CSO Online

Researchers unearth industrial sabotage malware that predated Stuxnet by 5 years

Targeting high-precision floating-point arithmetic operations in engineering modeling software, Fast16 may now be the ...
CSO Online

The ‘manager of agents’: How AI evolves the SOC analyst role

AI isn't taking over the SOC; it’s turning analysts into "managers of agents" who oversee automated investigations instead of ...