A newly discovered botnet is compromising poorly-protected Linux servers by brute-forcing weak SSH password login authentication. Researchers at Canada-based Flare Systems, who…
News
Companies are using ‘Summarize with AI’ to manipulate enterprise chatbots
That handy ‘Summarize with AI’ button embedded in a growing number of websites, browsers, and apps to give users a quick overview…
What to Expect from the Solutions Spotlight with Object First on March 12th, 2026
Solutions Review’s Solution Spotlight with Object First is part of an exclusive webinar series for enterprise business software users. This event will…
North Korean actors blend ClickFix with new macOS backdoors in Crypto campaign
A financially motivated threat actor tracked as UNC1609 is using a ClickFix-style social engineering campaign to deploy multiple macOS malware families against…
EU clears Google’s $32B Wiz acquisition, intensifying cloud security competition
Google has secured unconditional EU antitrust approval for its $32 billion acquisition of cloud security firm Wiz, clearing a major regulatory hurdle…
The hard part of purple teaming starts after detection
In my recent articles for CSO, I’ve talked about the limits of current SOC models and the importance of rehearsal. This time,…
CISOs must separate signal from noise as CVE volume soars
In 2026, the cybersecurity industry is expected to cross a threshold it has never reached before: More than 50,000 publicly disclosed software…
Vorgetäuschte PDFs bergen neue Gefahren
loading=”lazy” width=”400px”>Cyberkriminelle verschicken ihre Malware als PDF-Dateien getarnt. IDG Der Security-Anbieter Malwarebytes hat kürzlich vor einer besonders perfiden Phishing-Kampagne gewarnt. Die Angreifer…
February 2026 Patch Tuesday: Six new and actively exploited Microsoft vulnerabilities addressed
Microsoft highlighted six new and actively exploited vulnerabilities among the 60 fixes issued in today’s February Patch Tuesday releases. However, Tyler Reguly,…
BeyondTrust fixes critical RCE flaw in remote access tools
Companies using self-hosted versions of BeyondTrust Remote Support (RS) or Privileged Remote Access (PRA) should deploy patches for a critical vulnerability that…