Klue breach exposed Salesforce CRM data through stolen OAuth tokens
An attacker broke into competitive-intelligence vendor Klue, stole OAuth tokens its customers use to connect to Salesforce and other platforms, and accessed ...
20 articles
An attacker broke into competitive-intelligence vendor Klue, stole OAuth tokens its customers use to connect to Salesforce and other platforms, and accessed ...
Attacks on AI systems and disinformation starred as key elements of a ransomware tabletop exercise CSO participated in during this month’s Infosecurity Europ...
Longtime security leader Doug Kersten has expanded his list of responsibilities. As CISO of software maker Appfire, he now has accountability for business ri...
At Zenith Live 2026 held on 16-17 June in Vienna, Zscaler sharpened a reality that Southeast Asia CIOs and CISOs are already sensing, which are, AI agents ar...
One of the world’s top ransomware groups has given its criminal affiliates access to advanced tools capable of successfully disabling many of today’s enterpr...
Microsoft Office users may find that some of their applications are failing to open when called on by third-party applications. It’s an issue that has emerge...
A simple framework has always governed security operations that I call the SOC Triangle. It is a balance between quality, consistency and cost efficiency.
You are a security leader at a small or medium-sized business (SMB), and your organization has decided to adopt Claude. If you are like me, after the initial...
Microsoft is warning of a novel remote code execution (RCE) path possible through web-enabled AI agents, demonstrating the technique against AutoGen Studio, ...
A recent proof-of-concept attack against Microsoft’s M365 Copilot Enterprise highlights what could be a much broader prompt injection threat based on a commo...
The Oracle Critical Security Patch update (CSPU) released this week contains 245 newly-announced fixes for supported on-premises software, some of which impa...
Threat actors are abusing trusted platforms, including Google Ads, GitLab pages, and Claude’s shared chat feature, to trick users into executing malicious co...
A massive credential-compromise campaign dubbed “Fortibleed” has been found to expose tens of thousands of Fortinet devices worldwide, with researchers warni...
The upper ranks of corporate security are seeing a high rate of change as companies try to adapt to the evolving threat landscape. Many companies are hiring ...
For years we’ve heard the frightening prediction that AI will take jobs away from people. It will and it already is, but that doesn’t mean it won’t also crea...
Every major technology shift changes cybersecurity. I’ve spent much of my career working through major technology transitions, from the rise of the commercia...
There’s no shortage of agentic AI tools out there that offer to perform online tasks on your behalf, if only you’ll give them all your passwords and credit c...
A design flaw in the Vertex AI software development kit (SDK) for Python, Google Cloud’s managed platform for building, training, and deploying AI agents, co...
Organizations racing to embed AI into business operations are realizing that the risk management frameworks they’ve relied on for decades aren’t built for th...
The 2026 Verizon Data Breach Investigations Report analyzed more than 22,000 confirmed data breaches across 145 countries. Its findings point to a single unc...