News

CSO Online
csoonline.com/article/4192188/argo-cd-flaw-shows-why-gitops-infrastructure-should-be-treated-as-tier-zero.html

Argo CD flaw shows why GitOps infrastructure should be treated as tier zero

12+ hour, 24+ min ago  (516+ words) A newly disclosed vulnerability in Argo CD is drawing attention to the security risks of GitOps platforms, with researchers warning that the flaw could allow attackers who gain a foothold inside a Kubernetes cluster to execute code and manipulate…

CSO Online
csoonline.com/article/4191923/sandbox-bypass-flaws-in-cursor-ide-highlight-prompt-injection-as-an-rce-vector.html

Sandbox bypass flaws in Cursor IDE highlight prompt injection as an RCE vector

5+ day, 14+ hour ago  (525+ words) Researchers have discovered two vulnerabilities in the widely used Cursor AI-enabled integrated development environment (IDE) that can be exploited through prompt injection to achieve remote code execution (RCE). The two flaws, tracked as CVE-2026-50548 and CVE-2026-50549, allow attackers to break…

CSO Online
csoonline.com/article/4191060/malicious-chromium-extension-spoofs-perplexity-ai-to-hijack-browser-searches.html

Malicious Chromium extension spoofs Perplexity AI to hijack browser searches

5+ day, 14+ hour ago  (560+ words) Google has removed a malicious browser extension masquerading as Perplexity AI after Microsoft researchers found it was intercepting users' search traffic and routing queries through attacker-controlled servers before forwarding them to legitimate search engines. Microsoft Threat Intelligence said the extension…

CSO Online
csoonline.com/article/4190154/hackers-exploit-critical-ptc-windchill-plm-software-flaw.html

Hackers exploit critical PTC Windchill PLM software flaw

5+ day, 21+ hour ago  (319+ words) Hackers are exploiting a critical vulnerability recently patched in PTC Windchill and Flex PLM, two product lifecycle management solutions used by organizations across a range of industries, including defense, aerospace, automotive, medical, electronics, industrial machinery, and consumer goods. The vulnerability,…

CSO Online
csoonline.com/article/4190094/malware-authors-subvert-ai-detection-systems.html

Malware authors subvert AI detection systems

5+ day, 22+ hour ago  (193+ words) Enterprises that have turned to AI in order to boost their security defenses may have to reconsider their approach. Malware containing code that commands LLM-assisted products to abort their analysis or refuse to implement it is already circulating, according to…

CSO Online
csoonline.com/article/4190054/cyberattacks-pose-a-threat-to-life-in-australia.html

It's not just the spiders: Cyberattacks pose a "threat to life" in Australia

6+ day, 4+ hour ago  (213+ words) Australia's Security Intelligence Organization (ASIO) has uncovered an attack on a critical infrastructure operator's network. State-sponsored actors had compromised the network and were preparing to sabotage it, according to its director general, Mike Burgess. It's impossible to exaggerate the danger…

CSO Online
csoonline.com/article/4189605/what-cisos-need-to-tell-the-board-about-zero-trust-in-ot-a-90-day-communication-and-action-plan.html

What CISOs need to tell the board about zero trust in OT: A 90-day communication and action plan

1+ week, 1+ day ago  (470+ words) I work as a principal specialist at a pipeline operator where Operational Technology (OT) is the backbone of the business. I do not report to the board or act as a CISO, but the issues that get raised to those…

CSO Online
csoonline.com/article/4189908/proposed-us-law-would-make-ai-risk-reporting-a-legal-obligation.html

Proposed US law would make AI risk reporting a legal obligation

6+ day, 6+ hour ago  (699+ words) US lawmakers on Thursday introduced a bill that would require developers of advanced AI models to report major safety and security incidents to the Commerce Department, establishing a federal oversight framework for high-risk AI systems. The bill directs the Secretary…

CSO Online
csoonline.com/article/4189600/mythos-is-a-signal-not-a-siren-what-frontier-ai-should-change-for-cisos.html

Mythos is a signal, not a siren: What frontier AI should change for CISOs

1+ week, 3+ hour ago  (610+ words) When a new AI capability starts making headlines, I see the same pattern play out in boardrooms and executive staff meetings. The technology is introduced as a looming breakthrough for attackers. The conversation quickly shifts to worst-case scenarios. Then security…

CSO Online
csoonline.com/article/4180915/10-years-of-the-gdpr-a-summary.html

GDPR at 10: Landmark data protections, increasing business burden

1+ week, 4+ hour ago  (606+ words) Ten years have passed since the General Data Protection Regulation (GDPR) came into force, and the results are mixed. While data protection has become more firmly established in European companies – and beyond – than ever before, the business world remains critical…
