Security lapse lets researchers view React2Shell hackers’ dashboard
An apparent security lapse has allowed researchers to peer into the work of a threat group currently exploiting unpatched servers open to the four-month-old ...
CSO Online
20 articles
A core infrastructure engineer pleads guilty to federal charges in insider attack
When Daniel Rhyne pleaded guilty on April 1 to having launched an insider extortion attack against his then-employer, authorities enumerated the techniques h...
Google patches fourth Chrome zero-day so far this year
Google has patched another zero-day vulnerability in Chrome, its fourth this year. In patching the vulnerability, tracked as CVE-2026-5281, the company ackno...
Internet Bug Bounty program hits pause on payouts
Researchers who identify and report bugs in open-source software will no longer be rewarded by the Internet Bug Bounty team. HackerOne, which administers the...
Claude Code is still vulnerable to an attack Anthropic has already fixed
The leak of Claude Code’s source is already having consequences for the tool’s security. Researchers have spotted a vulnerability documented in the code.
CERT-EU blames Trivy supply chain attack for Europa.eu data breach
The European Union’s Computer Emergency Response Team, CERT-EU, has traced last week’s theft of data from the Europa.eu platform to the recent supply chain a...
12 cyber industry trends revealed at RSAC 2026
The 2026 RSA circus is over. The tents are packed and the elephants have been loaded onto the train.
Die besten XDR-Tools
srcset="https://b2b-contenthub.com/wp-content/uploads/2025/02/original2cso_ArtemisDiana.
Cloudflare’s new CMS is not a WordPress killer, it’s a WordPress alternative
Cloudflare on Wednesday rolled out EmDash, which it described as “the spiritual successor to WordPress.” The security vendor positioned EmDash as a far more ...
Cisco fixes critical IMC auth bypass present in many products
Cisco has released patches for a critical vulnerability in its out-of-band management solution, present in many of its servers and appliances. The flaw allow...
EvilTokens abuses Microsoft device code flow for account takeovers
A new phishing-as-a-service (PhaaS) campaign is abusing Microsoft’s device code authentication flow to gain unauthorized access to user accounts. Sekoia rese...
Cybersecurity in the age of instant software
AI is rapidly changing how software is written, deployed, and used. Trends point to a future where AIs can write custom software quickly and easily: “instant...
Tools, um MCP-Server abzusichern
srcset="https://b2b-contenthub.com/wp-content/uploads/2025/11/Gorodenkoff_shutterstock_2324952347_16z9.
7 ways to improve your business resilience with backup and recovery
When your network goes down, your business stops. That’s a stark truth we see confirmed daily in incident response—and N-able’s 2026 State of the SOC Report ...
5 Steps to break free from alert fatigue and build resilient security operations
How many times has your SOC hit crisis mode at 2:00 AM, with the dashboard blaring red and analysts scrambling to separate real threats from useless noise? W...
5 essential steps to bulletproof your endpoint security (and avoid the biggest mistakes)
Business resilience starts at the endpoint. Between March and December 2025, the N-able SOC processed over 900,000 alerts—and a staggering 18% originated fro...
6 critical mistakes that undermine cyber resilience (and how to fix them)
Silos are the enemy of business resilience. As IT leaders, we’ve all felt the pain: the backup administrator, SOC analyst, and endpoint engineer operating in...
6 metrics IT leaders can’t afford to ignore for business resilience
If you’re in IT, you know: what we don’t measure puts business resilience at risk. In the face of rising threat volumes, scaling complexity, and board-level ...
5 critical steps to achieve business resilience in cybersecurity
What does it really take to keep your organization running when attackers strike? The answer is business resilience—being able to detect, contain, and recove...
Vim and GNU Emacs: Claude Code helpfully found zero-day exploits for both
Developers can spend days using fuzzing tools to find security weaknesses in code. Alternatively, they can simply ask an LLM to do the job for them in seconds.