CSOonline

A smiling man with short dark hair and a light beard, wearing a blue t-shirt, poses in front of a blurred background of water and what appears to be a dock or bridge structure.

Hackers are using AI agents to outsmart old logins. It’s time to ditch passwords and move to phishing-proof credentials like passkeys.

Don’t miss the full story from #FoundryExpert Contributor, Srinivasa Ravi Teja Peri: spr.ly/633227PN1m

#Authentication
#Passwords
#Phishing

A professional headshot of a Black woman with curly hair and glasses, wearing a navy blazer and white blouse. She's confidently posed with her arms crossed against a gray background.

If your backups aren’t secure, your business isn’t either. Cybersecurity and continuity must now work hand in hand to keep you running.

Don’t miss the full story from #FoundryExpert Contributor, Omowunmi Makinde, MsC: spr.ly/633227PFTj

#Hacking #DataBreach

A woman with brown skin, dark hair, and a bindi is centered in the image. She wears a blue top and a gold necklace. The background is light.

The next pandemic won’t just test our biology — it’ll test whether our AI and cybersecurity can survive the storm.

Read the full piece from #FoundryExpert Contributor, Rama Devi Drakshpalli: spr.ly/633297OiqD

Enjoyed this story? ⬇️
spr.ly/633247Oiqy

Russian APT abuses Windows Hyper-V for persistence and malware execution Recently documented Curly COMrades group bypasses traditional host-based EDR solutions by spinning up VMs with deceptive names using Windows’ own bare-metal hypervisor.

Cyberespionage groups are always looking for novel ways to establish covert and long-term persistent access to compromised systems. The latest example comes from a Russian APT group known as Curly COMrades. www.csoonline.com/article/4085...

Chinese hackers target Western diplomats using hard-to-patch Windows shortcut flaw Chinese UNC6384 campaign cleverly exploits Windows .LNK vulnerability, security company finds.

Chinese hackers have been spotted targeting European diplomats using a longstanding Windows shortcut vulnerability that’s been popular with threat groups as far back as 2017.

www.csoonline.com/article/4082...

Flaw in React Native CLI opens dev servers to attacks The bug exposes the Metro development server to remote attacks, allowing arbitrary OS command execution on developer systems before a fix in version 20.0.0.

A critical remote-code execution (RCE) flaw in the widely used @react-native-community/cli (and its server API) lets attackers run arbitrary OS commands via the Metro development server, the default JavaScript bundler for React Native.

www.infoworld.com/article/4085...

Crowdstrike cybersecurity report highlights a spike in physical attacks on privileged users Will CISOs now have to plan defenses for attackers with guns and knives? Said one consultant: “It is giving new meaning to 'brute force' attacks.”

While tracking cyberattacks since last year, a Crowdstrike report also found that physical attacks and kidnappings have increased dramatically, particularly in Europe.

www.csoonline.com/article/4084...

10 promising cybersecurity startups CISOs should know about From NHI security to deepfake detection and securing the agentic enterprise, these startups have the products, pedigree, track record, and vision to be worthy of CISOs’ security tech radar.

www.csoonline.com/article/4080...

A man smiles wearing a blue shirt and gray blazer, facing forward. He has short, graying hair. The background is a blurry white.

Cyber threats don’t just hit your systems — they move through your connections. The ULM shows how those hidden links fuel real risk.

Don’t miss the full story from #FoundryExpert Contributor, Henry Sienkiewicz: spr.ly/633257HRR3

#ZeroTrust #Cyberattacks

Close-up of a smiling Black man with a neatly trimmed graying beard, wearing blue-rimmed glasses and a black turtleneck sweater, facing the camera directly with a soft, neutral background.

If your cyber dashboard looks like a tech manual, you’re flying blind. Real leaders measure resilience, not patch counts.

Here are the only metrics that matter to rewire your boardroom dashboard spr.ly/633227GG5O

#Analytics
#NetworkSecurity
#ROIandMetrics #FoundryExpert

Headshot of a man with a beard wearing glasses, a suit jacket, and a patterned blue tie. He is smiling at the camera.

Is your perimeter having an identity crisis?

Your biggest security risk might now sound exactly like your boss. AI clones identities so well that only zero-trust thinking can keep you safe.

Get the full story by #FoundryExpert Contributor, Chris Novak: spr.ly/633247Eajp

BlueNoroff reemerges with new campaigns for crypto theft and espionage GhostCall and GhostHire use fake investor meetings and bogus recruiter tests to deliver cross-platform malware to blockchain and Web3 professionals.

North Korea-aligned threat actor BlueNoroff, also known under aliases APT38 and TA444, has resurfaced with two new campaigns dubbed “GhostCall” and “GhostHire,” targeting executives, Web3 developers, and blockchain professionals.

www.csoonline.com/article/4081...

Notable post-quantum cryptography initiatives paving the way toward Q-Day The security community is working toward cryptographic encryption that can withstand post-quantum threats as quantum’s ability to break existing algorithms looms. Here are the latest developments.

The point at which quantum computers will be capable of breaking existing cryptographic algorithms — known as “Q-Day” — is approaching. Here's a rundown of the latest developments in post-quantum cryptography. www.csoonline.com/article/6548...

Top 7 agentic AI use cases for cybersecurity Agentic AI is revolutionizing the IT world. Yet its greatest benefit may lie in strengthening cybersecurity.

Is your organization ready to add agentic AI to its cybersecurity arsenal? Here are seven top use cases for your consideration.

www.csoonline.com/article/4079...

Atroposia malware kit lowers the bar for cybercrime — and raises the stakes for enterprise defenders Researchers have discovered an inexpensive, full-featured malware-as-a-service kit combining vulnerability scanning, covert access, and DNS hijacking.

Researchers at Varonis have discovered a turnkey plug-and-play toolkit, dubbed Atroposia, that even the least experienced threat actor can effectively use for just $200 a month.

www.csoonline.com/article/4080...

A selfie of a man on an airplane, seated next to a window. Outside, the view includes airport tarmac, buildings, and a blue sky. The man has short hair and is wearing a dark-colored shirt.

Volvo’s data scare shows how fast — and smart — you need to move after a breach, especially when the problem starts with a vendor.

Catch the full write-up by #FoundryExpert Contributor, Justin Tolman: spr.ly/633267Dtse

#Cyberattacks
#DataBreach
#IncidentResponse

Close-up of a smiling man with dark hair and a light complexion, wearing a blue suit jacket and a white shirt, standing in front of a reflective glass building.

Reactive security is dead. The ROC proves the future belongs to those who fuse cyber and finance before the next breach hits.

Catch the full write-up by #FoundryExpert Contributor, Vishaal Hariprasad: spr.ly/633277Dtgt

#Cyberattacks
#Malware
#Ransomware

Do CISOs need to rethink service provider risk? CISOs are charged with managing a vast ecosystem of MSPs and MSSPs, but are the usual processes fit for purpose as outsourced services become more complex and critical — and will AI force a rethink?

As organizations increasingly rely on services providers to help manage critical systems and security operations – from cloud infrastructure and data platforms to managed security and AI services – the risk of exposure also grows.
www.csoonline.com/article/4075...

70% of CISOs say internal conflicts more damaging than cyberattacks CISO-CEO tension and unclear authority under duress are imperiling incident response. CISOs must establish not only clear response plans but also leadership alliances centered on business value, advis...

Roughly 70% of security executives believe internal conflicts during a crisis cause more problems than the cyberattack itself.

www.csoonline.com/article/4079...

Atlas browser exploit lets attackers hijack ChatGPT memory OpenAI’s Atlas browser is under scrutiny after researchers demonstrated how attackers can hijack ChatGPT memory and execute malicious code, without leaving traditional malware traces.

Days after cybersecurity analysts warned enterprises against installing OpenAI’s new Atlas browser, researchers have discovered a vulnerability that allows attackers to infect systems with malicious code, granting themselves access privileges, or deploy malware. www.csoonline.com/article/4080...

Close-up of a woman with dark hair and a warm smile. She is wearing a black jacket over a red top. The background is plain white.

Go beyond data sovereignty promises to proof with five CSO controls: zero-trust, local keys, logs, validation and third-party attestation.

See what #FoundryExpert Contributor Michelle Buckner has to say: spr.ly/6332478dwG

#AccessControl
#Encryption
#ZeroTrust

The 10 biggest issues CISOs and cyber teams face today From escalating AI-enabled threats to budgets that don’t scale alongside expanding threat landscapes, security leaders are reshaping their agendas to address several key long-standing and emerging con...

CISOs are dealing with rising risks, competing priorities, limited budgets, and more. Here, they cite the 10 issues that are top of mind today.

www.csoonline.com/article/4077...

A man with dark hair and sunglasses in a gray t-shirt. Behind him is blurred background with water and a cityscape. He's centered, looking directly at the camera with a neutral expression.

Signal’s getting ahead of the quantum curve, adding new layers of encryption to keep your chats safe from tomorrow’s supercomputers.

Get the full story by #FoundryExpert Contributor, Sunil Gentyala: spr.ly/63321AhYfb

#Encryption #Security

A smiling man with short brown hair stands with arms crossed. He wears a blue polo shirt with "RESOLVE" on it and a smartwatch. A blurred city backdrop is visible.

Detection’s not defense — if you can’t act in five minutes, you’re already losing the cyber war.

Get the full story by #FoundryExpert Contributor, Sean Heuer: spr.ly/63325AhYyJ

#CloudSecurity #CyberAttacks

Manipulating the meeting notetaker: The rise of AI summarization optimization As AI increasingly becomes the system of record for company meetings, adversarial techniques for manipulating the algorithm’s takeaways and actions items will sway business decisions and directions in...

As AI increasingly becomes the system of record for company meetings, adversarial techniques for manipulating the algorithm’s takeaways and actions items will sway business decisions and directions in subtle ways.

www.csoonline.com/article/4077...

Why must CISOs slay a cyber dragon to earn business respect? Security leaders and industry experts weigh in on the complex calculus of CISOs’ internal clout.

Although one in four security leaders find themselves replaced after a ransomware attack, for example, other CISOs are finding incident-hardened experiences — with transparent and successful outcomes — to be increasingly sought after in the hiring market.

www.csoonline.com/article/4074...

Serious vulnerability found in Rust library Hole in the TAR library and its forks could lead to remote code execution.

Researchers at Edera say they have uncovered a critical boundary-parsing bug, dubbed TARmageddon (CVE-2025-62518), in the popular async-tar Rust library. And not only is it in this library, but also in its many forks, including the widely used tokio-tar.
www.csoonline.com/article/4077...

Prompt hijacking puts MCP-based AI workflows at risk An AI version of session hijacking can lead to attackers injecting malicious prompts into legitimate MCP communications.

Security researchers warn that MCP-based AI workflows can be vulnerable to malicious prompt injection attacks if session ID management was implemented insecurely on the MCP servers facilitating the connection. www.csoonline.com/article/4077...

A portrait of a young man with brown hair and a beard, wearing a light colored shirt against a gray background. He has brown eyes and a serious expression.

Most GenAI pilots flop, but with better security, oversight and smart integration, enterprises can finally turn experiments into real impact.

Get expert perspective from #FoundryExpert Contributor, Virendra Singh Panwar spr.ly/63323A7LEL

#Privacy #APIs

Salesforce’s glaring Dreamforce omission: Vital security lessons from Salesloft Drift Salesforce failed to address the massive wave of OAuth breaches at its Dreamforce conference, but securing third-party authentication is paramount for the agentic future it seeks.

Security as a shared responsibility was a theme at Dreamforce, but what the conference didn’t address were weaknesses exposed by the recent spate of Salesforce-related breaches that affected more than 700 companies. www.csoonline.com/article/4076...