Skip to content
View in the app

A better way to browse. Learn more.

hosang I.T.

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Security

2445 tech articles in this category

  1. CSOonline ·
    When generative AI (GenAI) hit the consumer market with the release of OpenAI’s ChatGPT, users worldwide flocked to the product and started experimenting with the tool’s capabilities across industries. The release also sent an instant panic through the hearts of information security professionals whose job is to protect organizations from risks, including the loss or theft of sensitive data — including personally identifiable information (PII), protected health information (PHI) and sensitive co
    • 0 comments
    • 63 views
  2. Hacker News ·
    Notepad++ has released a security fix to plug gaps that were exploited by an advanced threat actor from China to hijack the software update mechanism to selectively deliver malware to targets of interest. The version 8.9.2 update incorporates what maintainer Don Ho calls a "double lock" design that aims to make the update process "robust and effectively unexploitable." This includes verificationView the full article
    • 0 comments
    • 51 views
  3. CSOonline ·
    CISOs were already struggling to help developers keep up with secure code principles at the speed of DevOps. Now, with AI-assisted development reshaping how code gets written and shipped, the challenge is rapidly intensifying. Whereas only about 14% of enterprise software engineers regularly used AI coding assistants two years ago, that number is on its way to skyrocketing to 90% by 2028, according to Gartner projections. And research from analytics firms like Faros AI shows what that wide-s
    • 0 comments
    • 70 views
  4. Hacker News ·
    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of vulnerabilities is as follows - CVE-2026-2441 (CVSS score: 8.8) - A use-after-free vulnerability in Google Chrome that could allow a remote attacker to potentially exploit heapView the full article
    • 0 comments
    • 58 views
  5. CSOonline ·
    Miljan Zivkovic | shutterstock.com Die zunehmende Abhängigkeit von IT-Dienstleistern und Software von Drittanbietern vergrößert die Angriffsfläche von Unternehmen erheblich. Das wird auch durch zahlreiche Cyberattacken immer wieder unterstrichen. Zwar lassen sich die Risiken in Zusammenhang mit Third-Party-Anbietern nicht gänzlich beseitigen, aber durchaus reduzieren. Dabei sollten Sicherheitsentscheider eine zentrale Rolle spielen, wie Randy Gross, CISO bei CompTIA, erklärt: “CISOs sind in
    • 0 comments
    • 60 views
  6. CSOonline ·
    Cyberattacks are moving faster, shrinking the gap between initial compromise and bad consequences, and the advent of AI is accelerating their timelines in a way that human defenders can no longer keep up with. That’s the broad and perhaps unsurprising finding of Palo Alto Networks’ 2026 Global Incident Response Report, which analyzed 750 incidents in 50 countries that were investigated by the company’s Unit 42 global threat intelligence and incident response team. In the fastest attacks
    • 0 comments
    • 48 views
  7. Hacker News ·
    Cybersecurity researchers have disclosed that artificial intelligence (AI) assistants that support web browsing or URL fetching capabilities can be turned into stealthy command-and-control (C2) relays, a technique that could allow attackers to blend into legitimate enterprise communications and evade detection. The attack method, which has been demonstrated against Microsoft Copilot and xAI GrokView the full article
    • 0 comments
    • 43 views
  8. Hacker News ·
    A new Android backdoor that's embedded deep into the device firmware can silently harvest data and remotely control its behavior, according to new findings from Kaspersky. The Russian cybersecurity vendor said it discovered the backdoor, dubbed Keenadu, in the firmware of devices associated with various brands, including Alldocube, with the compromise occurring during the firmware build phase.View the full article
    • 0 comments
    • 45 views
  9. CSOonline ·
    Julia Mutzbauer Auch in diesem Jahr waren wieder zahlreiche internationale Institutionen auf der Münchner Cybersicherheitskonferenz (MCSC) vertreten. Darunter das Weiße Haus, FBI, Europol, OECD, BSI, BND und die Europäische Kommission sowie das National Cybersecurity Office aus Japan. Unter dem Motto “Command Control Really?” drehte sich alles um die entscheidende Frage, wie Politik und Wirtschaft am besten mit der weltweit zunehmenden Cyberbedrohungslage umgehen können. Molly Lesher
    • 0 comments
    • 263 views
  10. Hacker News ·
    Cybersecurity researchers have disclosed details of a new SmartLoader campaign that involves distributing a trojanized version of a Model Context Protocol (MCP) server associated with Oura Health to deliver an information stealer known as StealC. "The threat actors cloned a legitimate Oura MCP Server – a tool that connects AI assistants to Oura Ring health data – and built a deceptiveView the full article
    • 0 comments
    • 52 views
  11. CSOonline ·
    A new cross-platform spyware sold openly through Telegram is lowering the barrier for hackers seeking remote access to mobile devices. Called “ZeroDayRAT” by its developer, the toolkit is being marketed through Telegram channels as a ready-to-deploy remote access solution. iVerify researchers traced its first activity to 2nd February, with the spyware being distributed as an APK for Android and a payload for iOS. “The developer runs dedicated channels for sales, customer support, and reg
    • 0 comments
    • 50 views
  12. Hacker News ·
    Cloud attacks move fast — faster than most incident response teams. In data centers, investigations had time. Teams could collect disk images, review logs, and build timelines over days. In the cloud, infrastructure is short-lived. A compromised instance can disappear in minutes. Identities rotate. Logs expire. Evidence can vanish before analysis even begins. Cloud forensics is fundamentallyView the full article
    • 0 comments
    • 52 views
  13. Hacker News ·
    My objectiveThe role of NDR in SOC workflowsStarting up the NDR systemHow AI complements the human responseWhat else did I try out?What could I see with NDR that I wouldn’t otherwise?Am I ready to be a network security analyst now? My objective As someone relatively inexperienced with network threat hunting, I wanted to get some hands-on experience using a network detection and response (View the full article
    • 0 comments
    • 52 views
  14. CSOonline ·
    A majority of enterprise security leaders view their roles as “no longer fully manageable,” according to a recent report, and security consultants concede that the increasingly over-scoped nature of cyber execs’ roles is a problem not easily fixed. At issue is the fact that companies have consistently broadened the CISO’s jurisdiction and responsibilities without providing new resources to accomplish it. “Given the CISO role’s continued expansion across new functional domains and enterpr
    • 0 comments
    • 51 views
  15. CSOonline ·
    By late 2025, the enterprise AI landscape had shifted. Standard RAG systems are failing at a rate of 80%, forcing a pivot to autonomous agents. But while “agentic RAG” solves the reliability problem, it introduces a terrifying new one: the autonomous execution of malicious instructions. If 2023 was the year of the chatbot and 2024 was the year of the pilot, late 2025 has firmly established itself as the era of the agent. We are witnessing a definitive inflection point in artificial intellige
    • 0 comments
    • 59 views
  16. Hacker News ·
    New research from Microsoft has revealed that legitimate businesses are gaming artificial intelligence (AI) chatbots via the "Summarize with AI" button that's being increasingly placed on websites in ways that mirror classic search engine poisoning (AI). The new AI hijacking technique has been codenamed AI Recommendation Poisoning by the Microsoft Defender Security Research Team. The tech giantView the full article
    • 0 comments
    • 46 views
  17. CISOmag ·
    Name : Cycom Hacking Conference Website: https://www.cycomhackingconference.com/ Date: April 23-24, 2026 Location: Montpellier, France The CYCOM Hacking Conference is the annual cybersecurity event organized by Devensys Cybersecurity. A key event in Montpellier and Occitanie, CYCOM brings together the entire cybersecurity ecosystem for several days: professionals, technical experts, students, specialized schools, institutions, local authorities, technology partners, and industry associations
    • 0 comments
    • 58 views
  18. Hacker News ·
    Apple on Monday released a new developer beta of iOS and iPadOS with support for end-to-end encryption (E2EE) in Rich Communications Services (RCS) messages. The feature is currently available for testing in iOS and iPadOS 26.4 Beta, and is expected to be shipped to customers in a future update for iOS, iPadOS, macOS, and watchOS. "End-to-end encryption is in beta and is not available for allView the full article
    • 0 comments
    • 63 views
  19. CSOonline ·
    Threat actors now have the ability to exploit a new zero-day vulnerability in the Chrome browser, Google has advised IT administrators. The warning comes after Google released a patch for Chrome to plug a use after free memory vulnerability (CVE-2026-2441) in cascading style sheets (CSS), which means the browser’s CSS engine isn’t properly managing memory and can be exploited by a hacker. If not patched, it allows a remote attacker to execute arbitrary code inside a sandbox via a crafted
    • 0 comments
    • 65 views
  20. CSOonline ·
    ackpress – shutterstock.com Das neue Tool zur Orchestrierung persönlicher KI-Agenten namens OpenClaw – früher Clawdbot, dann Moltbot genannt – erfreut sich aktuell großer Beliebtheit. Die Open-Source-Software kann eigenständig und geräteübergreifend arbeiten, mit Online-Diensten interagieren und Workflows auslösen – kein Wunder, dass das Github-Repo in den vergangenen Wochen Millionen von Besuchen und über 160.000 Sterne verzeichnet hat. Laut Angaben des Entwicklers hatte das Repo von Op
    • 0 comments
    • 255 views
  21. CSOonline ·
    ackpress – shutterstock.com Das neue Tool zur Orchestrierung persönlicher KI-Agenten namens OpenClaw – früher Clawdbot, dann Moltbot genannt – erfreut sich aktuell großer Beliebtheit. Die Open-Source-Software kann eigenständig und geräteübergreifend arbeiten, mit Online-Diensten interagieren und Workflows auslösen – kein Wunder, dass das Github-Repo in den vergangenen Wochen Millionen von Besuchen und über 160.000 Sterne verzeichnet hat. Laut Angaben des Entwicklers hatte das Repo von Op
    • 0 comments
    • 246 views
  22. CSOonline ·
    AI agents able to submit huge numbers of pull requests (PRs) to open-source project maintainers risk creating the conditions for future supply chain attacks targeting important software projects, developer security company Socket has argued. The warning comes after one of its developers, Nolan Lawson, last week received an email regarding the PouchDB JavaScript database he maintains from an AI agent calling itself “Kai Gritun”. “I’m an autonomous AI agent (I can actually write and ship c
    • 0 comments
    • 50 views
  23. Hacker News ·
    Cybersecurity researchers disclosed they have detected a case of an information stealer infection successfully exfiltrating a victim's OpenClaw (formerly Clawdbot and Moltbot) configuration environment. "This finding marks a significant milestone in the evolution of infostealer behavior: the transition from stealing browser credentials to harvesting the 'souls' and identities of personal AI [View the full article
    • 0 comments
    • 43 views
  24. Hacker News ·
    A new study has found that multiple cloud-based password managers, including Bitwarden, Dashlane, and LastPass, are susceptible to password recovery attacks under certain conditions. "The attacks range in severity from integrity violations to the complete compromise of all vaults in an organization," researchers Matteo Scarlata, Giovanni Torrisi, Matilda Backendal, and Kenneth G. Paterson said.View the full article
    • 0 comments
    • 40 views
  25. Hacker News ·
    This week’s recap shows how small gaps are turning into big entry points. Not always through new exploits, often through tools, add-ons, cloud setups, or workflows that people already trust and rarely question. Another signal: attackers are mixing old and new methods. Legacy botnet tactics, modern cloud abuse, AI assistance, and supply-chain exposure are being used side by side, whichever pathView the full article
    • 0 comments
    • 50 views
  26. Hacker News ·
    Presentation of the KTU Consortium Mission ‘A Safe and Inclusive Digital Society’ at the Innovation Agency event ‘Innovation Breakfast: How Mission-Oriented Science and Innovation Programmes Will Address Societal Challenges’. Technologies are evolving fast, reshaping economies, governance, and daily life. Yet, as innovation accelerates, so do digital risks. Technological change is no longerView the full article
    • 0 comments
    • 240 views
  27. CSOonline ·
    An estimated 37 million worldwide installations of a clutch of leaky Chrome extensions are transmitting users’ browsing histories to external servers. According to findings by an independent security researcher using the pseudonym “Q Continuum,” a total of 287 extensions sent data that closely matched the URLs visited during simulated browsing sessions. “The actors behind the leaks span the spectrum: Similarweb, Curly Doggo, Offidocs, Chinese actors, many smaller obscure data-brokers, an
    • 0 comments
    • 41 views
  28. CSOonline ·
    An estimated 37 million worldwide installations of a clutch of leaky Chrome extensions are transmitting users’ browsing histories to external servers. According to findings by an independent security researcher using the pseudonym “Q Continuum,” a total of 287 extensions sent data that closely matched the URLs visited during simulated browsing sessions. “The actors behind the leaks span the spectrum: Similarweb, Curly Doggo, Offidocs, Chinese actors, many smaller obscure data-brokers, an
    • 0 comments
    • 46 views
  29. Hacker News ·
    Cybersecurity researchers have disclosed details of a new mobile spyware platform dubbed ZeroDayRAT that's being advertised on Telegram as a way to grab sensitive data and facilitate real-time surveillance on Android and iOS devices. "The developer runs dedicated channels for sales, customer support, and regular updates, giving buyers a single point of access to a fully operational spywareView the full article
    • 0 comments
    • 48 views
  30. CSOonline ·
    Here’s what nobody tells you about risk management: your cyber team speaks Klingon, your operations folks speak Elvish and your strategy people speak ancient Greek. And somehow, you expect them all to protect the same castle. We’ve watched this play out more times than we care to count. The CISO warns about ransomware threats. Operations worries about supply chain breakdowns. The board obsesses over market disruption. They’re all talking about risk, but they might as well be on different pla
    • 0 comments
    • 49 views
  31. CSOonline ·
    BSI Das Bundesamt für Sicherheit in der Informationstechnik (BSI) und die IT-Sparte der Schwarz Gruppe wollen zusammen die technologische Unabhängigkeit der Verwaltung in Deutschland stärken. Dazu sei auf der Münchner Sicherheitskonferenz eine strategische Kooperation vereinbart worden, erklärten das BSI und Schwarz Digits.  Beide wollen demnach bei der Entwicklung souveräner Cloud-Lösungen für die öffentliche Verwaltung kooperieren, Kontrollschichten entwickeln und sichere Systeme auch
    • 0 comments
    • 233 views
  32. CSOonline ·
    Julie Chatman never planned to get into cybersecurity. In fact, she believes most don’t but are mentored into it, as she was. Chatman started her professional career as a Navy Hospital Corpsman, specializing in medical laboratory science and technology — a core part of medical diagnostics. “I analyzed blood work, monitoring quality control, ensuring accuracy in life-or-death results. That precision and systems thinking translates directly to how I approach cybersecurity today,” she tells CSO
    • 0 comments
    • 37 views
  33. CSOonline ·
    Julie Chatman never planned to get into cybersecurity. In fact, she believes most don’t but are mentored into it, as she was. Chatman started her professional career as a Navy Hospital Corpsman, specializing in medical laboratory science and technology — a core part of medical diagnostics. “I analyzed blood work, monitoring quality control, ensuring accuracy in life-or-death results. That precision and systems thinking translates directly to how I approach cybersecurity today,” she tells CSO
    • 0 comments
    • 39 views
  34. CSOonline ·
    Julie Chatman never planned to get into cybersecurity. In fact, she believes most don’t but are mentored into it, as she was. Chatman started her professional career as a Navy Hospital Corpsman, specializing in medical laboratory science and technology — a core part of medical diagnostics. “I analyzed blood work, monitoring quality control, ensuring accuracy in life-or-death results. That precision and systems thinking translates directly to how I approach cybersecurity today,” she tells CSO
    • 0 comments
    • 42 views
  35. CSOonline ·
    Ten years on, the Bangladesh Bank cyberheist — a landmark cybersecurity incident that rewrote the rules of nation state–sponsored hacking — continues to offer lessons for the cybersecurity community. Cyberspies hacked into Bangladesh Bank internal network and SWIFT (Society for Worldwide Interbank Financial Telecommunication) messaging environment before sending 35 fraudulent SWIFT payment instructions that attempted to steal $951 million from Bangladeshi foreign currency reserves, all held
    • 0 comments
    • 56 views
  36. Hacker News ·
    Google on Friday released security updates for its Chrome browser to address a security flaw that it said has been exploited in the wild. The high-severity vulnerability, tracked as CVE-2026-2441 (CVSS score: 8.8), has been described as a use-after-free bug in CSS. Security researcher Shaheen Fazim has been credited with discovering and reporting the shortcoming on February 11, 2026. "Use afterView the full article
    • 0 comments
    • 48 views
  37. CSOonline ·
    PeopleImages.com – Yuri A | shutterstock.com Protokoll-Daten zu auditieren, zu überprüfen und zu managen, ist alles andere als eine glamouröse Aufgabe – aber ein entscheidender Aspekt, um ein sicheres Unternehmensnetzwerk aufzubauen. Schließlich schaffen Event Logs oft eine sekundäre Angriffsfläche für Cyberkriminelle, die damit ihre Aktivitäten verschleiern wollen. Vorgängen wie diesen treten Netzwerksicherheitsexperten mit Tools aus dem Bereich Security Information and Event Management
    • 0 comments
    • 52 views
  38. CSOonline ·
    PeopleImages.com – Yuri A | shutterstock.com Protokoll-Daten zu auditieren, zu überprüfen und zu managen, ist alles andere als eine glamouröse Aufgabe – aber ein entscheidender Aspekt, um ein sicheres Unternehmensnetzwerk aufzubauen. Schließlich schaffen Event Logs oft eine sekundäre Angriffsfläche für Cyberkriminelle, die damit ihre Aktivitäten verschleiern wollen. Vorgängen wie diesen treten Netzwerksicherheitsexperten mit Tools aus dem Bereich Security Information and Event Management
    • 0 comments
    • 57 views
  39. Hacker News ·
    Microsoft has disclosed details of a new version of the ClickFix social engineering tactic in which the attackers trick unsuspecting users into running commands that carry out a Domain Name System (DNS) lookup to retrieve the next-stage payload. Specifically, the attack relies on using the "nslookup" (short for nameserver lookup) command to execute a custom DNS lookup triggered via the WindowsView the full article
    • 0 comments
    • 57 views
  40. CSOonline ·
    Researchers warn that a critical vulnerability patched this week in BeyondTrust Remote Support is being exploited in the wild to compromise self-hosted deployments, including Bomgar remote support appliances, which included affected versions of the impacted software. Bomgar, a provider of privileged identity and access management products, acquired BeyondTrust in 2018, adopting the latter’s brand name. Bomgar on-premises hardware appliances, known as BeyondTrust B-series appliances, provide
    • 0 comments
    • 63 views
  41. CSOonline ·
    South Korea’s data protection authority has handed down a combined KRW 36 billion (approximately US$25 million) in administrative fines to the local subsidiaries of three global luxury houses, after finding they failed to implement basic security controls while managing customer data through a SaaS platform. The Personal Information Protection Commission (PIPC), South Korea’s top privacy regulator, announced on Feb. 12 that it levied a total of KRW 36.033 billion in fines and KRW 10.8 millio
    • 0 comments
    • 51 views
  42. CSOonline ·
    Developers have resolved a legacy flaw in the widely used libpng open-source library that existed since the software was released nearly 30 years ago. The heap buffer overflow in libpng would cause applications on unpatched systems to crash when presented with maliciously crafted PNG graphic images. In worse case scenarios, the CVE-2026-25646 vulnerability could be abused to extract information or trigger remote code execution. The most serious repercussions of the flaw would be possible
    • 0 comments
    • 45 views
  43. CSOonline ·
    AI agents are increasingly seen as a way to reinforce the capabilities of cybersecurity teams — but which can do the best job? Wiz has developed a benchmark suite of 257 real-world challenges spanning five offensive domains: zero-day discovery, CVE (code vulnerability) detection, API security, web security, and cloud security to find out. Wiz tests different combinations of AI agents and their underlying AI models against the test suite to see which score the highest in each of the five cate
    • 0 comments
    • 59 views
  44. Hacker News ·
    A previously undocumented threat actor has been attributed to attacks targeting Ukrainian organizations with malware known as CANFAIL. Google Threat Intelligence Group (GTIG) described the hack group as possibly affiliated with Russian intelligence services. The threat actor is assessed to have targeted defense, military, government, and energy organizations within the Ukrainian regional andView the full article
    • 0 comments
    • 49 views
  45. Hacker News ·
    Several state-sponsored actors, hacktivist entities, and criminal groups from China, Iran, North Korea, and Russia have trained their sights on the defense industrial base (DIB) sector, according to findings from Google Threat Intelligence Group (GTIG). The tech giant's threat intelligence division said the adversarial targeting of the sector is centered around four key themes: striking defenseView the full article
    • 0 comments
    • 43 views
  46. CSOonline ·
    The number of ways that Windows shortcut (.LNK) files can be abused just keeps growing: A cybersecurity researcher has documented four new techniques to trick Windows users into running malicious actions through innocent-looking shortcuts. Wietze Beukema demonstrated how to spoof the visible LNK destination, hide command-line arguments, and execute a different program than the one shown to the user, potentially offering attackers new vectors for phishing, USB-borne attacks, or initial access
    • 0 comments
    • 45 views
  47. Hacker News ·
    A previously unknown threat actor tracked as UAT-9921 has been observed leveraging a new modular framework called VoidLink in its campaigns targeting the technology and financial services sectors, according to findings from Cisco Talos. "This threat actor seems to have been active since 2019, although they have not necessarily used VoidLink over the duration of their activity," researchers NickView the full article
    • 0 comments
    • 46 views
  48. CSOonline ·
    ArtemisDiana – shutterstock.com Das Bundesamt für Sicherheit in der Informationstechnik (BSI) hat in seiner aktualisierten Technischen Richtlinie TR-02102 konkrete Fristen für das Ende der herkömmlichen asymmetrischen Verschlüsselungsverfahren gesetzt. Demnach sollen diese Methoden ab dem Jahr 2031 nicht mehr isoliert verwendet werden. Für Systeme mit besonders hohen Sicherheitsanforderungen gilt diese Vorgabe bereits ab Ende 2030. BSI setzt auf hybride Verschlüsselung Stattdessen em
    • 0 comments
    • 92 views
  49. CSOonline ·
    ArtemisDiana – shutterstock.com Das Bundesamt für Sicherheit in der Informationstechnik (BSI) hat in seiner aktualisierten Technischen Richtlinie TR-02102 konkrete Fristen für das Ende der herkömmlichen asymmetrischen Verschlüsselungsverfahren gesetzt. Demnach sollen diese Methoden ab dem Jahr 2031 nicht mehr isoliert verwendet werden. Für Systeme mit besonders hohen Sicherheitsanforderungen gilt diese Vorgabe bereits ab Ende 2030. BSI setzt auf hybride Verschlüsselung Stattdessen em
    • 0 comments
    • 116 views
  50. CSOonline ·
    A tale of two industries The United States Navy takes 18-year-olds fresh out of high school and trains them to operate nuclear reactors in 18 months. These aren’t college graduates. They’re not experienced professionals. They’re young people with the right potential who go through the most rigorous, structured program in the military that transforms them into personnel trusted with some of the highest-stakes responsibilities imaginable. Meanwhile, in cybersecurity, we claim we can’t find
    • 0 comments
    • 48 views
  51. CSOonline ·
    Google detected and blocked a campaign involving more than 100,000 prompts that it claimed were designed to copy the proprietary reasoning capabilities of its Gemini AI model, according to a quarterly threat report released by Google Threat Intelligence Group. The prompts looked like a coordinated attempt to perform model extraction or distillation, a machine-learning process in which a smaller model is created with the essential traits of a much larger one. Google systems caught the prompts
    • 0 comments
    • 48 views
  52. Hacker News ·
    Cybersecurity researchers have discovered a malicious Google Chrome extension that's designed to steal data associated with Meta Business Suite and Facebook Business Manager. The extension, named CL Suite by @CLMasters (ID: jkphinfhmfkckkcnifhjiplhfoiefffl), is marketed as a way to scrape Meta Business Suite data, remove verification pop-ups, and generate two-factor authentication (2FA) codes.View the full article
    • 0 comments
    • 48 views
  53. CSOonline ·
    Smart organizations have spent the last three years protecting their AI tools from skilled prompt injection-style attacks. The assumption has been that poisoning the foundational model, the real brains behind AI systems, requires technical expertise, privileged access, or a coordinated threat group. That assumption no longer holds, and it marks a significant shift in how organizations need to think about AI security in general and training data sanitization in particular. Recent evidence sho
    • 0 comments
    • 47 views
  54. Hacker News ·
    In December 2025, in response to the Sha1-Hulud incident, npm completed a major authentication overhaul intended to reduce supply-chain attacks. While the overhaul is a solid step forward, the changes don’t make npm projects immune from supply-chain attacks. npm is still susceptible to malware attacks – here’s what you need to know for a safer Node community. Let’s start with the originalView the full article
    • 0 comments
    • 49 views
  55. CSOonline ·
    When people talk about cryptography, they usually talk about algorithms. RSA versus ECC. Classical versus post quantum. Encryption strength measured in bits and curves. In practice, none of that matters unless keys are created, stored, rotated and retired correctly. Key management is the discipline that governs the entire lifecycle of cryptographic keys, from generation to destruction. It determines who can use a key, for what purpose, for how long and under what conditions. When done we
    • 0 comments
    • 48 views
  56. Hacker News ·
    Threat actors have started to exploit a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products, according to watchTowr. "Overnight we observed first in-the-wild exploitation of BeyondTrust across our global sensors," Ryan Dewhurst, head of threat intelligence at watchTowr, said in a post on X. "Attackers are abusingView the full article
    • 0 comments
    • 43 views
  57. CSOonline ·
    Security information and event management (SIEM) platforms have evolved far beyond their basic log collection and correlation roots. With cyber threats moving too fast for manual intervention, leading vendors have been integrating artificial intelligence and machine learning technologies into their SIEM platforms. In addition, modern SIEM platforms now incorporate extended detection and response (XDR) and security orchestration, automation, and response (SOAR), enabling real-time threat
    • 0 comments
    • 52 views
  58. CSOonline ·
    Sie fühlen sich leer ohne Security-Dashboard? Diese Dokumentationen überbrücken den Schmerz bis zum nächsten Arbeitstag. Foto: Gorodenkoff – shutterstock.com Wenn Sie in Ihrer Profession als Sicherheitsentscheider voll aufgehen, brauchen Sie möglicherweise auch zwischen den Arbeitstagen ihre tägliche Dosis Cybersecurity. Falls Ihnen die zahlreichen Annäherungen Hollywoods an das Thema viel zu weit von der Realität entfernt sind, können Sie auf ein Füllhorn hochwertiger Dokumentationen zurückgr
    • 0 comments
    • 47 views
  59. 24x7Security ·
    Here’s Why, Here’s How Any business that has customers. Any healthcare provider who has patients. Any professional who has clients. Any government agency that serves citizens. All collect personal information about individuals to one degree or another. (Hint: The degree doesn’t matter.) Organizations collect Personally Identifiable Information (PII) in virtually every transaction that occurs for a commercial, governmental, or social purpose today. And after they collect it, they may also pro
    • 0 comments
    • 44 views
  60. CSOonline ·
    A threat actor is abusing an employee monitoring application and a remote monitoring and management platform in an attempt to deploy ransomware and steal cryptocurrency. According to researchers at Huntress, the unknown threat actor is leveraging NetworkLookout’s Net Monitor for Employees Professional – which, despite its name, includes remote access tools – and SimpleHelp, a suite of tools commonly used by IT teams and managed service providers for remote monitoring and management. Thes
    • 0 comments
    • 50 views
  61. CSOonline ·
    Ransomware has permanently changed how security leaders think about risk. Verizon’s 2025 Data Breach Investigations Report found that ransomware was involved in 44% of all breaches. For small and midsize businesses, the problem is big; ransomware was involved in nearly nine out of 10 breaches, compared to it playing a role in 39% of incidents among large organizations. Many of these attacks begin by breaching privileged accounts and identity infrastructure, targeting identity because of its
    • 0 comments
    • 50 views
  62. CSOonline ·
    A blind spot in Microsoft’s app and add-in marketplace security allowed an eagle-eyed hacker to hijack an abandoned Outlook add-in to carry out phishing attacks that compromised 4,000 users, researchers have discovered. The app in question, AgreeTo, is, or was, a meeting scheduling tool that first appeared in 2022 but was abandoned at some point after that by its developer. Despite this, the add-in continued to be listed on Microsoft’s site. A hacker noticed the change in its status and
    • 0 comments
    • 46 views
  63. CSOonline ·
    Rawat Yapathanasap – shutterstock.com Ransomware-Attacken, Phishing und digitale Sabotage: Vor dem Hintergrund der zunehmenden Cyberbedrohungslage hat das Frankfurter Cyberintelligence Institute (CII) ein digitales Warnsystem namens Cyber Risk Observation Service (CYROS) für Smartphones entwickelt. Die CYROS-App bündelt alle sicherheitsrelevanten Informationen aus behördlichen Warnmeldungen. Zu den Quellen zählen unter anderem das Bundesamt für Sicherheit in der Informationstechnik (BSI)
    • 0 comments
    • 303 views
  64. Hacker News ·
    Google on Thursday said it observed the North Korea-linked threat actor known as UNC2970 using its generative artificial intelligence (AI) model Gemini to conduct reconnaissance on its targets, as various hacking groups continue to weaponize the tool for accelerating various phases of the cyber attack life cycle, enabling information operations, and even conducting model extraction attacks. "TheView the full article
    • 0 comments
    • 50 views
  65. Hacker News ·
    Cybersecurity researchers have discovered a fresh set of malicious packages across npm and the Python Package Index (PyPI) repository linked to a fake recruitment-themed campaign orchestrated by the North Korea-linked Lazarus Group. The coordinated campaign has been codenamed graphalgo in reference to the first package published in the npm registry. It's assessed to be active since May 2025. "View the full article
    • 0 comments
    • 42 views
  66. CSOonline ·
    Fortinet researchers have disclosed a new phishing campaign delivering the commercially available XWorm malware, chaining a years-old Microsoft Office vulnerability with fileless execution to escape detection. The campaign, which uses multi-themed phishing emails and a malicious Excel add-in, ultimately deploys the modular remote access trojan (RAT) capable of encrypted command-and control (C2) and plugin-based expansion. “This campaign is striking in its ordinariness,” said Shane Barney
    • 0 comments
    • 51 views
  67. CSOonline ·
    Cybersecurity company Palo Alto Networks has completed its $25 billion acquisition of Israel-based identity security firm CyberArk, bringing privileged access and identity security into the core of its platform strategy. With this acquisition, Palo Alto aims to extend privileged access controls across human, machine, and AI identities, reduce standing privileges, limit lateral movement, and stop identity-based attacks faster, the company said. The deal also marks what the company describ
    • 0 comments
    • 49 views
  68. Hacker News ·
    Threat activity this week shows one consistent signal — attackers are leaning harder on what already works. Instead of flashy new exploits, many operations are built around quiet misuse of trusted tools, familiar workflows, and overlooked exposures that sit in plain sight. Another shift is how access is gained versus how it’s used. Initial entry points are getting simpler, while post-compromiseView the full article
    • 0 comments
    • 42 views
  69. Hacker News ·
    A new 2026 market intelligence study of 128 enterprise security decision-makers (available here) reveals a stark divide forming between organizations – one that has nothing to do with budget size or industry and everything to do with a single framework decision. Organizations implementing Continuous Threat Exposure Management (CTEM) demonstrate 50% better attack surface visibility, 23-pointView the full article
    • 0 comments
    • 48 views
  70. CSOonline ·
    In my experience leading engineering projects, I have encountered the same pattern repeatedly. We obsess over deployment speed. We measure success in commit velocity and uptime. But we rarely pause to ask the most uncomfortable question in the room: Who actually owns the identities we just spun up? This silence isn’t malicious; it’s structural. We have optimized our entire software delivery lifecycle for the creation of resources, but we have almost no muscle memory for their destruction. We
    • 0 comments
    • 47 views
  71. Hacker News ·
    A significant chunk of the exploitation attempts targeting a newly disclosed security flaw in Ivanti Endpoint Manager Mobile (EPMM) can be traced back to a single IP address on bulletproof hosting infrastructure offered by PROSPERO. Threat intelligence firm GreyNoise said it recorded 417 exploitation sessions from 8 unique source IP addresses between February 1 and 9, 2026. An estimated 346View the full article
    • 0 comments
    • 56 views
  72. CSOonline ·
    The new personal AI agent orchestration tool known as OpenClaw — formerly Clawdbot, then Moltbot — is a personal assistant that can do tasks for you without your personal supervision. It can operate across devices, interact with online services, trigger workflows — no wonder the Github repo has seen millions of visits and over 160,000 stars in the past couple of weeks. According to its developer, OpenClaw’s repo has also had over 2 million visitors over the course of a single week, and there
    • 0 comments
    • 61 views
  73. CSOonline ·
    The new personal AI agent orchestration tool known as OpenClaw — formerly Clawdbot, then Moltbot — is a personal assistant that can do tasks for you without your personal supervision. It can operate across devices, interact with online services, trigger workflows — no wonder the Github repo has seen millions of visits and over 160,000 stars in the past couple of weeks. According to its developer, OpenClaw’s repo has also had over 2 million visitors over the course of a single week, and there
    • 0 comments
    • 51 views
  74. Hacker News ·
    Apple on Wednesday released iOS, iPadOS, macOS Tahoe, tvOS, watchOS, and visionOS updates to address a zero-day flaw that it said has been exploited in sophisticated cyber attacks. The vulnerability, tracked as CVE-2026-20700 (CVSS score: N/A), has been described as a memory corruption issue in dyld, Apple's Dynamic Link Editor. Successful exploitation of the vulnerability could allow anView the full article
    • 0 comments
    • 46 views
  75. CSOonline ·
    Gorodenkoff | shutterstock.com Statt einfach “nur” Fehler in Applikationen auszunutzen, entdecken kriminelle Hacker zunehmend die Tools und Zugriffskanäle für sich, auf die sich Softwareentwickler regelmäßig verlassen. Dabei kombinieren sie längst auch unterschiedliche Cybercrime-Taktiken und beziehen auch künstliche Intelligenz (KI) ein, um an ihr Ziel zu gelangen. “Angreifer versuchen nicht mehr nur, in Ihr Netzwerk einzudringen. Sie haben es jetzt auch auf Ihre Workflows abgesehen. U
    • 0 comments
    • 64 views
  76. CSOonline ·
    Gorodenkoff | shutterstock.com Statt einfach “nur” Fehler in Applikationen auszunutzen, entdecken kriminelle Hacker zunehmend die Tools und Zugriffskanäle für sich, auf die sich Softwareentwickler regelmäßig verlassen. Dabei kombinieren sie längst auch unterschiedliche Cybercrime-Taktiken und beziehen auch künstliche Intelligenz (KI) ein, um an ihr Ziel zu gelangen. “Angreifer versuchen nicht mehr nur, in Ihr Netzwerk einzudringen. Sie haben es jetzt auch auf Ihre Workflows abgesehen. U
    • 0 comments
    • 53 views
  77. CSOonline ·
    A newly discovered botnet is compromising poorly-protected Linux servers by brute-forcing weak SSH password login authentication. Researchers at Canada-based Flare Systems, who discovered the botnet, got into its staging server and believe at least 7,000 servers had been compromised by the end of January, half of them in the US. The botnet’s weapons include exploits for unpatched Linux vulnerabilities going back as far as 2009. The researchers describe the botnet, dubbed SSHStalker,
    • 0 comments
    • 39 views
  78. CSOonline ·
    That handy ‘Summarize with AI’ button embedded in a growing number of websites, browsers, and apps to give users a quick overview of their content could in some cases be hiding a dark secret: a new form of AI prompt manipulation called “AI recommendation poisoning.” So says Microsoft, which this week released research on a currently legal but extremely sneaky AI hijacking technique that appears to be spreading like wildfire among legitimate businesses. While most ‘Summarize with AI’ butt
    • 0 comments
    • 47 views
  79. Hacker News ·
    Cybersecurity researchers have discovered what they said is the first known malicious Microsoft Outlook add-in detected in the wild. In this unusual supply chain attack detailed by Koi Security, an unknown attacker claimed the domain associated with a now-abandoned legitimate add-in to serve a fake Microsoft login page, stealing over 4,000 credentials in the process. The activity has beenView the full article
    • 0 comments
    • 44 views
  80. Krebs ·
    For the past week, the massive “Internet of Things” (IoT) botnet known as Kimwolf has been disrupting The Invisible Internet Project (I2P), a decentralized, encrypted communications network designed to anonymize and secure online communications. I2P users started reporting disruptions in the network around the same time the Kimwolf botmasters began relying on it to evade takedown attempts against the botnet’s control servers. Kimwolf is a botnet that surfaced in late 2025 and quickly infected m
    • 0 comments
    • 65 views
  81. Hacker News ·
    Indian defense sector and government-aligned organizations have been targeted by multiple campaigns that are designed to compromise Windows and Linux environments with remote access trojans capable of stealing sensitive data and ensuring continued access to infected machines. The campaigns are characterized by the use of malware families like Geta RAT, Ares RAT, and DeskRAT, which are oftenView the full article
    • 0 comments
    • 42 views
  82. Hacker News ·
    It's Patch Tuesday, which means a number of software vendors have released patches for various security vulnerabilities impacting their products and services. Microsoft issued fixes for 59 flaws, including six actively exploited zero-days in various Windows components that could be abused to bypass security features, escalate privileges, and trigger a denial-of-service (DoS) condition. ElsewhereView the full article
    • 0 comments
    • 45 views
  83. CSOonline ·
    A financially motivated threat actor tracked as UNC1609 is using a ClickFix-style social engineering campaign to deploy multiple macOS malware families against crypto-focused organizations. According to new research from Google Cloud’s Mandiant, the activity recently targeted an employee at a company operating in the cryptocurrency and decentralized finance (DeFi) sector. The researchers said that the North Korea-linked UNC1069 used a social engineering chain that involved a hijacked Telegra
    • 0 comments
    • 49 views
  84. Hacker News ·
    Intentionally vulnerable training applications are widely used for security education, internal testing, and product demonstrations. Tools such as OWASP Juice Shop, DVWA, Hackazon, and bWAPP are designed to be insecure by default, making them useful for learning how common attack techniques work in controlled environments. The issue is not the applications themselves, but how they are oftenView the full article
    • 0 comments
    • 65 views
  85. CSOonline ·
    Google has secured unconditional EU antitrust approval for its $32 billion acquisition of cloud security firm Wiz, clearing a major regulatory hurdle and paving the way for one of the largest cybersecurity acquisitions to date.   The decision removes a key uncertainty for enterprise customers and positions Google Cloud to aggressively expand its security portfolio as competition intensifies with AWS and Microsoft in multicloud environments. “The Commission found that there are several cr
    • 0 comments
    • 49 views
  86. Hacker News ·
    Microsoft on Tuesday released security updates to address a set of 59 flaws across its software, including six vulnerabilities that it said have been exploited in the wild. Of the 59 flaws, five are rated Critical, 52 are rated Important, and two are rated Moderate in severity. Twenty-five of the patched vulnerabilities have been classified as privilege escalation, followed by remote codeView the full article
    • 0 comments
    • 59 views
  87. Hacker News ·
    Cybersecurity researchers have disclosed details of a new botnet operation called SSHStalker that relies on the Internet Relay Chat (IRC) communication protocol for command-and-control (C2) purposes. "The toolset blends stealth helpers with legacy-era Linux exploitation: Alongside log cleaners (utmp/wtmp/lastlog tampering) and rootkit-class artifacts, the actor keeps a large back-catalog ofView the full article
    • 0 comments
    • 57 views
  88. CSOonline ·
    In my recent articles for CSO, I’ve talked about the limits of current SOC models and the importance of rehearsal. This time, I want to focus on something that’s becoming increasingly clear: purple teaming has lost its depth. We’ve turned one of the most powerful tools for resilience into a transactional exercise that feels reassuring but reveals very little about how an organization will cope when the pressure is real. Care and attention have become rare assets in our world. Distraction
    • 0 comments
    • 42 views
  89. CSOonline ·
    In 2026, the cybersecurity industry is expected to cross a threshold it has never reached before: More than 50,000 publicly disclosed software vulnerabilities in a single year. According to a new forecast from the Forum of Incident Response and Security Teams (FIRST), the median projection for 2026 is roughly 59,000 Common Vulnerabilities and Exposures (CVEs). Under more extreme — but plausible — scenarios, that number could climb far higher, reaching nearly 118,000, more than double the est
    • 0 comments
    • 40 views
  90. Hacker News ·
    The North Korea-linked threat actor known as UNC1069 has been observed targeting the cryptocurrency sector to steal sensitive data from Windows and macOS systems with the ultimate goal of facilitating financial theft. "The intrusion relied on a social engineering scheme involving a compromised Telegram account, a fake Zoom meeting, a ClickFix infection vector, and reported usage of AI-generatedView the full article
    • 0 comments
    • 45 views
  91. CSOonline ·
    IDG Der Security-Anbieter Malwarebytes hat kürzlich vor einer besonders perfiden Phishing-Kampagne gewarnt. Die Angreifer tarnen dabei ihre Malware als gewöhnliches PDF-Dokument. Mitarbeiter sind es gewohnt, Bestellungen oder Rechnungen im PDF-Format zu erhalten. Daher ist es sehr wahrscheinlich, dass die schädlichen Dateien geöffnet werden. Klickt ein Mitarbeiter auf die Datei, wird ein Remote-Access-Trojaner namens AsyncRAT ausgeführt. Auf diese Weise können die Angreifer die Kontrolle
    • 0 comments
    • 91 views
  92. CSOonline ·
    Roman Samborskyi | shutterstock.com Lösungen im Bereich Breach & Attack Simulation (BAS) unterstützen Unternehmen dabei, ihr Sicherheitsniveau zu verstehen. Dazu automatisieren die Tools die Tests spezifischer Bedrohungsvektoren. Als Grundlage dienen dabei in der Regel das MITRE-ATT&CK– oder Cyber-Killchain-Framework. BAS-Produkte simulieren zum Beispiel: Netzwerkangriffe und Infiltrationsversuche, Lateral Movement, Phishing, Endpunkt- und Gateway-Attacken, M
    • 0 comments
    • 140 views
  93. CSOonline ·
    Roman Samborskyi | shutterstock.com Lösungen im Bereich Breach & Attack Simulation (BAS) unterstützen Unternehmen dabei, ihr Sicherheitsniveau zu verstehen. Dazu automatisieren die Tools die Tests spezifischer Bedrohungsvektoren. Als Grundlage dienen dabei in der Regel das MITRE-ATT&CK– oder Cyber-Killchain-Framework. BAS-Produkte simulieren zum Beispiel: Netzwerkangriffe und Infiltrationsversuche, Lateral Movement, Phishing, Endpunkt- und Gateway-Attacken, M
    • 0 comments
    • 115 views
  94. CSOonline ·
    Microsoft highlighted six new and actively exploited vulnerabilities among the 60 fixes issued in today’s February Patch Tuesday releases. However, Tyler Reguly, associate director of security R&D at Fortra, says there’s good news: The issues are easy to resolve with regular Microsoft patches for Windows and Office, and none require any post patch configuration steps. Still, CSOs should be aware that, of the six, three involve a security feature bypass: CVE-2026-21510, a protect
    • 0 comments
    • 53 views
  95. CSOonline ·
    Companies using self-hosted versions of BeyondTrust Remote Support (RS) or Privileged Remote Access (PRA) should deploy patches for a critical vulnerability that allows attacks to execute OS commands without authentication. “Successful exploitation requires no authentication or user interaction and may lead to system compromise, including unauthorized access, data exfiltration, and service disruption,” BeyondTrust said in an advisory. The company released Patch BT26-02-RS for Remote Supp
    • 0 comments
    • 60 views
  96. Krebs ·
    Microsoft today released updates to fix more than 50 security holes in its Windows operating systems and other software, including patches for a whopping six “zero-day” vulnerabilities that attackers are already exploiting in the wild. Zero-day #1 this month is CVE-2026-21510, a security feature bypass vulnerability in Windows Shell wherein a single click on a malicious link can quietly bypass Windows protections and run attacker-controlled content without warning or consent dialogs. CVE-2026
    • 0 comments
    • 51 views
  97. Hacker News ·
    The information technology (IT) workers associated with the Democratic People's Republic of Korea (DPRK) are now applying to remote positions using real LinkedIn accounts of individuals they're impersonating, marking a new escalation of the fraudulent scheme. "These profiles often have verified workplace emails and identity badges, which DPRK operatives hope will make their fraudulentView the full article
    • 0 comments
    • 45 views
  98. CSOonline ·
    SolarWinds Web Help Desk (WHD) is under attack, with recent incidents exploiting a chain of zero-day and patched vulnerabilities dating back to late 2025, an analysis of customer reports by security company Huntress has found. Until now, it has been unclear which combination of recent WHD vulnerabilities were behind a series of compromises of customer systems first uncovered in December. On January 28, SolarWinds published an advisory that mentioned six CVEs rated either ‘critical’ or ‘h
    • 0 comments
    • 51 views
  99. CSOonline ·
    SolarWinds Web Help Desk (WHD) is under attack, with recent incidents exploiting a chain of zero-day and patched vulnerabilities dating back to late 2025, an analysis of customer reports by security company Huntress has found. Until now, it has been unclear which combination of recent WHD vulnerabilities were behind a series of compromises of customer systems first uncovered in December. On January 28, SolarWinds published an advisory that mentioned six CVEs rated either ‘critical’ or ‘h
    • 0 comments
    • 41 views

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.