CSO Online

Compromised npm package silently installs OpenClaw on developer machines

While the AI itself wasn’t weaponized, the technique raises concerns about AI agents with broad system access.
CSO Online

Hackers can turn Grok, Copilot into covert command-and-control channels, researchers warn

Permissive AI access and limited monitoring could allow malware to hide within trusted enterprise traffic, thereby ...
CSO Online

Keenadu: Android malware that comes preinstalled and can’t be removed by users

Keenadu infiltrated devices by posing as legitimate system components, prompting calls for tighter controls on firmware ...
CSO Online

Why 2025’s agentic AI boom is a CISO’s worst nightmare

AI agents may work smarter than chatbots, but with tool access and memory, they can also leak data, loop endlessly or act ...
CSO Online

Chinese hackers exploited zero-day Dell RecoverPoint flaw for 1.5 years

A suspected Chinese espionage group exploited hardcoded admin credentials in Dell RecoverPoint for Virtual Machines to deploy ...
CSO Online

Notepad++ author says fixes make update mechanism ‘effectively unexploitable’

The recently compromised update mechanism for the popular open source text editor Notepad ++ has been hardened so it’s now ...
CSO Online

CISO Julie Chatman wants to help you take control of your security leadership role

Chatman, who grew her career from medical diagnostics to a cybersecurity and risk leader at the FBI, has been a mentor to ...
CSO Online

What CISOs need to know about the OpenClaw security nightmare

Clawdbot, I mean, Moltbot, I mean, OpenClaw may be an immediate cybersecurity nightmare for enterprises, so here are its ...
CSO Online

Discipline is the new power move in cybersecurity leadership

Turns out the real power move in security isn’t a bigger budget — it’s cutting the clutter and proving what actually reduces ...
CSO Online

Exploit available for new Chrome zero-day vulnerability, says Google

Threat actors now have the ability to exploit a new zero-day vulnerability in the Chrome browser, Google has advised IT ...
CSO Online

The new paradigm for raising up secure software engineers

The new challenge for CISOs in the age of AI developers is securing code. But what does developer security awareness even ...
CSO Online

Flaws in four popular VS Code extensions left 128 million installs open to attack

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.