CSOonline
LightNews LightNews
csoonline.bsky.social
CSOonline
@csoonline.bsky.social
95 followers 22 following 270 posts
CSO empowers enterprise security leaders with critical insights to stay ahead of threats. Covering #cybersecurity from #riskmanagement to #networkdefense, we provide the expertise needed to defend against cybercrime.
Posts Replies Media Videos
csoonline.bsky.social
When you treat vulnerabilities as clues instead of chores, you uncover threats, fix blind spots and finally make your security program work smarter.

Get the full story by #FoundryExpert Contributor, Tom Poperszky
spr.ly/6332879mSg

#SecuritySoftware #Vulnerabilities

A man smiles wearing an "IDAHO" hat and sunglasses in a city. The sunglasses reflect the surrounding buildings and blue sky. People and yellow taxis are in the background, adding to the bustling city scene.
November 19, 2025 at 9:52 PM
csoonline.bsky.social
SquareX has disclosed a previously undocumented API within the Comet AI browser that allows its embedded extensions to execute arbitrary commands and launch applications — capabilities mainstream browsers intentionally block. www.csoonline.com/article/4092...
Hidden API in Comet AI browser raises security red flags for enterprises
The undocumented system-level API within the Comet AI browser enables embedded extensions to execute commands and launch applications.
www.csoonline.com
November 19, 2025 at 2:04 PM
csoonline.bsky.social
AI ​​company Anthropic recently announced that companies worldwide have been attacked by an AI-powered cyber espionage campaign. However, security experts have doubts about how autonomous the attacks actually were. www.csoonline.com/article/4092...
Anthropic AI-powered cyberattack causes a stir
The AI company’s researchers’ report about a large-scale cyber espionage campaign allegedly largely controlled by an AI system leaves security experts with doubts.
www.csoonline.com
November 19, 2025 at 1:41 PM
csoonline.bsky.social
Cyber Sessions is LIVE! Joan Goodchild + Andy Ellis dive into AI hype, vendor buzzwords & the future of CISOs from Black Hat.
#CyberSecurity #BlackHat #CyberSessions #CISO
Watch now: spr.ly/633247gPbp
Cyber Sessions podcast with Joan Goodchild featuring guest Andy Ellis. Episode titled "Inside Black Hat Hype." Andy Ellis, a white man with glasses and headphones, smiles against a dark, tech-themed backdrop.
November 18, 2025 at 8:35 PM
csoonline.bsky.social
For the third time in recent months, Google has found itself scrambling to fix a potentially serious zero-day flaw in the Chrome browser’s V8 JavaScript engine.

www.csoonline.com/article/4092...
More work for admins as Google patches latest zero-day Chrome vulnerability
Flaws affecting V8 JavaScript engine still drawing attackers to world’s most widely-used browser.
www.csoonline.com
November 18, 2025 at 7:50 PM
csoonline.bsky.social
Security researchers are warning about two critical vulnerabilities in Fortinet’s FortiWeb appliances, now tracked under CVE-2025-64446, being actively exploited in the wild.

www.csoonline.com/article/4091...
Fortinet’s silent patch sparks alarm as a critical FortiWeb flaw is exploited in the wild
Researchers say the flaw, affecting thousands of internet-facing FortiWeb instances, was exploited long before Fortinet disclosed or rated its severity.
www.csoonline.com
November 18, 2025 at 1:57 PM
csoonline.bsky.social
Azure has blocked its largest DDoS attack to date, a 15.72 Tbps strike linked to the Aisuru IoT botnet that also surged to nearly 3.64 billion packets per second and targeted a single cloud endpoint in Australia, Microsoft said.

www.csoonline.com/article/4091...
Azure blocks record 15 Tbps DDoS attack as IoT botnets gain new firepower
Microsoft says the attack, sourced from more than 500,000 compromised IPs, exposes deep weaknesses in home IoT and raises questions about enterprise DDoS readiness.
www.csoonline.com
November 18, 2025 at 1:56 PM
csoonline.bsky.social
It didn’t take long for some IT leaders who last month started paying to get Windows 10 security updates to face their first support problem.

www.csoonline.com/article/4091...
Microsoft fixes Windows 10 update flaw
Bug was the first to emerge since IT had to start paying for Windows 10 Extended Security Updates.
www.csoonline.com
November 18, 2025 at 1:55 PM
csoonline.bsky.social
In 2026, ASM gets a major glow-up as cloud control tightens, AI steps in, zero trust becomes the norm, and supply-chain risks finally get the spotlight.

See what #FoundryExpert Contributor Yash Mehta has to say:
spr.ly/633247ehK4

#Cyberattacks #Cybercrime

A young man with short, dark hair and a trimmed beard is smiling slightly, showing his upper teeth. He is wearing a black shirt with a red collar, and the background is blurred, suggesting an outdoor setting.
November 17, 2025 at 11:26 PM
csoonline.bsky.social
AI hackers don’t sleep — so our defenses can’t either. Digital twins could finally help us hunt threats 24/7, before they hunt us.

Get the full story by #FoundryExpert Contributor, Jason Fruge:
spr.ly/633257ZCZh

#ArtificialIntelligence #SecuritySoftware

A fair-skinned man with a shaved head and a beard is looking straight ahead. He is wearing a blue suit jacket and a white button-down shirt. The background is blurred and green.
November 14, 2025 at 7:22 PM
csoonline.bsky.social
When anyone online could be an AI clone, your best defense isn’t more AI — it’s smarter authentication that knows what’s real.

Discover the full article by #FoundryExpert Contributor, Alexander Garcia-Tobar:
spr.ly/633227Z4w8

#AccessControl #IdentityandAccessManagement #Authentication
Close-up of a smiling middle-aged white man with short gray hair and blue eyes. He's wearing a light gray jacket over a blue button-down shirt. The background is blurred, creating a professional headshot vibe.
November 14, 2025 at 6:41 PM
csoonline.bsky.social
Cybersecurity researchers have uncovered a chain of critical remote code execution (RCE) vulnerabilities in major AI inference server frameworks, including those from Meta, Nvidia, Microsoft, and open-source projects such as vLLM and SGLang.
www.csoonline.com/article/4090...
Copy-paste vulnerability hits AI inference frameworks at Meta, Nvidia, and Microsoft
Flaws replicated from Meta’s Llama Stack to Nvidia TensorRT-LLM, vLLM, SGLang, and others, exposing enterprise AI stacks to systemic risk.
www.csoonline.com
November 14, 2025 at 4:04 PM
csoonline.bsky.social
Combine structured frameworks with a customizable assessment model to turn strategic fog into prioritized remediation plans with the most value.

Get the full story by #FoundryExpert Contributor, Greg Neville:
spr.ly/633277kjWU

#Compliance #Security #RiskManagement

A portrait of a man with light skin, short brown hair, wearing a dark suit jacket, light blue shirt, and a green plaid tie. He is smiling with his teeth visible.
November 13, 2025 at 9:57 PM
csoonline.bsky.social
Blending DDI with AI lets your network see, think and fight back faster — closing gaps before attackers even get in.

Get the full story by #FoundryExpert Contributor, Sunil Gentyala:
spr.ly/633247na2i

#Cyberattacks #DataBreach #Cybercrime

A man with sunglasses and a gray shirt poses in front of a blurry cityscape. He has short black hair and a medium skin tone. The background includes water and buildings under an overcast sky.
November 12, 2025 at 10:32 PM
csoonline.bsky.social
Hackers are using AI agents to outsmart old logins. It’s time to ditch passwords and move to phishing-proof credentials like passkeys.

Don’t miss the full story from #FoundryExpert Contributor, Srinivasa Ravi Teja Peri: spr.ly/633227PN1m

#Authentication
#Passwords
#Phishing
A smiling man with short dark hair and a light beard, wearing a blue t-shirt, poses in front of a blurred background of water and what appears to be a dock or bridge structure.
November 7, 2025 at 8:38 PM
csoonline.bsky.social
If your backups aren’t secure, your business isn’t either. Cybersecurity and continuity must now work hand in hand to keep you running.

Don’t miss the full story from #FoundryExpert Contributor, Omowunmi Makinde, MsC: spr.ly/633227PFTj

#Hacking #DataBreach
A professional headshot of a Black woman with curly hair and glasses, wearing a navy blazer and white blouse. She's confidently posed with her arms crossed against a gray background.
November 7, 2025 at 8:11 PM
csoonline.bsky.social
The next pandemic won’t just test our biology — it’ll test whether our AI and cybersecurity can survive the storm.

Read the full piece from #FoundryExpert Contributor, Rama Devi Drakshpalli: spr.ly/633297OiqD

Enjoyed this story? ⬇️
spr.ly/633247Oiqy
A woman with brown skin, dark hair, and a bindi is centered in the image. She wears a blue top and a gold necklace. The background is light.
November 6, 2025 at 10:26 PM
csoonline.bsky.social
Cyberespionage groups are always looking for novel ways to establish covert and long-term persistent access to compromised systems. The latest example comes from a Russian APT group known as Curly COMrades. www.csoonline.com/article/4085...
Russian APT abuses Windows Hyper-V for persistence and malware execution
Recently documented Curly COMrades group bypasses traditional host-based EDR solutions by spinning up VMs with deceptive names using Windows’ own bare-metal hypervisor.
www.csoonline.com
November 6, 2025 at 2:50 PM
csoonline.bsky.social
Chinese hackers have been spotted targeting European diplomats using a longstanding Windows shortcut vulnerability that’s been popular with threat groups as far back as 2017.

www.csoonline.com/article/4082...
Chinese hackers target Western diplomats using hard-to-patch Windows shortcut flaw
Chinese UNC6384 campaign cleverly exploits Windows .LNK vulnerability, security company finds.
www.csoonline.com
November 6, 2025 at 2:44 PM
csoonline.bsky.social
A critical remote-code execution (RCE) flaw in the widely used @react-native-community/cli (and its server API) lets attackers run arbitrary OS commands via the Metro development server, the default JavaScript bundler for React Native.

www.infoworld.com/article/4085...
Flaw in React Native CLI opens dev servers to attacks
The bug exposes the Metro development server to remote attacks, allowing arbitrary OS command execution on developer systems before a fix in version 20.0.0.
www.infoworld.com
November 6, 2025 at 2:43 PM
csoonline.bsky.social
While tracking cyberattacks since last year, a Crowdstrike report also found that physical attacks and kidnappings have increased dramatically, particularly in Europe.

www.csoonline.com/article/4084...
Crowdstrike cybersecurity report highlights a spike in physical attacks on privileged users
Will CISOs now have to plan defenses for attackers with guns and knives? Said one consultant: “It is giving new meaning to 'brute force' attacks.”
www.csoonline.com
November 5, 2025 at 2:07 PM
csoonline.bsky.social
www.csoonline.com/article/4080...
10 promising cybersecurity startups CISOs should know about
From NHI security to deepfake detection and securing the agentic enterprise, these startups have the products, pedigree, track record, and vision to be worthy of CISOs’ security tech radar.
www.csoonline.com
November 5, 2025 at 2:03 PM
csoonline.bsky.social
Cyber threats don’t just hit your systems — they move through your connections. The ULM shows how those hidden links fuel real risk.

Don’t miss the full story from #FoundryExpert Contributor, Henry Sienkiewicz: spr.ly/633257HRR3

#ZeroTrust #Cyberattacks

A man smiles wearing a blue shirt and gray blazer, facing forward. He has short, graying hair. The background is a blurry white.
October 31, 2025 at 8:34 PM
csoonline.bsky.social
If your cyber dashboard looks like a tech manual, you’re flying blind. Real leaders measure resilience, not patch counts.

Here are the only metrics that matter to rewire your boardroom dashboard spr.ly/633227GG5O

#Analytics
#NetworkSecurity
#ROIandMetrics #FoundryExpert
Close-up of a smiling Black man with a neatly trimmed graying beard, wearing blue-rimmed glasses and a black turtleneck sweater, facing the camera directly with a soft, neutral background.
October 30, 2025 at 9:48 PM
csoonline.bsky.social
Is your perimeter having an identity crisis?

Your biggest security risk might now sound exactly like your boss. AI clones identities so well that only zero-trust thinking can keep you safe.

Get the full story by #FoundryExpert Contributor, Chris Novak: spr.ly/633247Eajp

Headshot of a man with a beard wearing glasses, a suit jacket, and a patterned blue tie. He is smiling at the camera.
October 29, 2025 at 7:41 PM