Latest from todayFeature8 trends transforming the MDR market todaySkills gaps, increased regulatory pressures, and digital transformation are just a few of the factors pushing the growth of burgeoning managed detection and response (MDR) market.By John LeydenJul 18, 20258 minsIncident ResponseIntrusion Detection SoftwareManaged IT Services Feature How AI is changing the GRC strategyBy Rosalyn PageJul 17, 202511 minsComplianceIT Governance FrameworksRisk ManagementFeature 7 obsolete security practices that should be terminated immediatelyBy John EdwardsJul 16, 20257 minsAuthenticationComplianceIntrusion Detection Software NewsRansomware actors target patched SonicWall SMA devices with rootkitBy Lucian Constantin Jul 17, 20255 minsCyberattacksMobile SecurityRansomware NewsSalt Typhoon hacked the US National Guard for 9 months, and accessed networks in every stateBy Gyana Swain Jul 16, 20256 minsHackingSecurity NewsOne click to compromise: Oracle Cloud Code Editor flaw exposed users to RCEBy Shweta Sharma Jul 16, 20253 minsSecurityVulnerabilities FeatureHow defenders use the dark webBy Ax Sharma Jul 15, 20259 minsCyberattacksHackingThreat and Vulnerability Management OpinionAI poisoning and the CISO’s crisis of trustBy Christopher Burgess Jul 15, 20256 minsCSO and CISOCyberattacksRisk Management OpinionThe 10 most common IT security mistakesBy Leonard Rapp Jul 14, 202511 minsInternet SecurityPasswordsRansomware More security newsnewsCisco warns of another critical RCE flaw in ISE, urges immediate patchingThe newly disclosed flaw affects a specific API that suffers from insufficient input validation to allow unauthenticated RCE at the root.By Shweta Sharma Jul 18, 2025 4 minsSecurityVulnerabilitiesopinionBuilding scalable secrets management in hybrid cloud environments: Lessons from enterprise adoptionOne leaked AWS key changed everything! Now, secrets management isn’t just smart, it’s survival in the hybrid cloud chaos.By Shilpi Mittal Jul 18, 2025 6 minsCI/CDCloud SecurityCyberattacksnewsChina-linked hackers target Taiwan chip firms in a coordinated espionage campaignThree threat groups conduct sophisticated phishing attacks against chip manufacturers and financial analysts between March and June 2025.By Gyana Swain Jul 17, 2025 5 minsCyberattacksSecuritynews1Password releases MCP Server for TrelicaThe product gives admins visibility into SaaS access and AI devs the ability to embed SaaS access governance into agent workflows.By Howard Solomon Jul 16, 2025 5 minsArtificial IntelligenceData and Information SecurityIdentity and Access ManagementnewsGoogle Gemini vulnerability enables hidden phishing attacksA bug in Google Gemini allows attackers to hijack email summaries and launch phishing attacks.By Julia Mutzbauer and Samira Sarraf Jul 15, 2025 3 minsEmail SecurityGenerative AIZero-Day VulnerabilitiesnewsAlert: Nvidia GPUs are vulnerable to Rowhammer attacksIT leaders need to ensure that error correction code in GPUs is turned on to avoid data compromise.By Howard Solomon Jul 15, 2025 4 minsGPUsSecurityVulnerabilitiesnewsHow phishers are weaponizing SVG images in zero-click, evasive campaignsSeemingly harmless SVGs are packed with malicious JavaScript for a phishing redirect to actor-controlled URLs.By Shweta Sharma Jul 15, 2025 3 minsPhishingSecuritynewsNew Grok-4 AI breached within 48 hours using ‘whispered’ jailbreaksJust days after launch, Elon Musk’s Grok-4 is compromised by researchers using a stealthy blend of Echo Chamber and Crescendo techniques, exposing deep flaws in AI safety systems.By Shweta Sharma Jul 14, 2025 3 minsArtificial IntelligenceSecurityVulnerabilitiesfeature8 tough trade-offs every CISO must navigateIncreasing responsibilities and greater need to align with business objectives have security leaders facing greater risks — and more frequent and challenging security strategy compromises.By Mary K. Pratt Jul 14, 2025 10 minsBudgetingBusiness IT AlignmentCSO and CISOnews analysisPutting AI-assisted ‘vibe hacking’ to the testValuable tools for experienced attackers and researchers, LLMs are not yet capable of creating exploits at a prompt, researchers found in a test of 50 AI models — some of which are getting better quickly. By Lucian Constantin Jul 14, 2025 7 minsCyberattacksPenetration TestingVulnerabilitiesnewsMcDonald’s AI hiring tool’s password? ‘123456’: Exposes data of 64M applicantsA security flaw in McHire allowed access to sensitive applicant data via default admin credentials and a vulnerable API. The issue was patched swiftly after disclosure.By Shweta Sharma Jul 11, 2025 5 minsData BreachPasswordsSecuritynews analysisAnatomy of a Scattered Spider attack: A growing ransomware threat evolvesThe cybercriminal group has broadened its attack scope across several new industries, bringing valid credentials to bear on help desks before leveraging its new learnings of cloud intrusion tradecraft to set the stage for ransomware.By John Leyden Jul 11, 2025 7 minsCyberattacksRansomwareThreat and Vulnerability Management Show more Show less Explore a topicGenerative AIApplication SecurityBusiness ContinuityBusiness OperationsCareersCloud SecurityComplianceCritical InfrastructureCybercrimeIdentity and Access ManagementIndustryIT LeadershipNetwork SecurityPhysical SecurityView all topics Spotlight: AI-ready data centers Articles Buyer’s Guide There are lots of great reasons for running AI applications in your own data centers – provided they’re up to the task. AI puts new demands on virtually every aspect of data centers from servers and networks to power grids and more. Learn what it takes to build and run an AI-ready data center. View all Popular topicsGenerative AI newsCritical RCE flaw in Anthropic’s MCP inspector exposes developer machines to remote attacksBy Shweta Sharma Jul 2, 2025 4 minsDeveloperGenerative AIVulnerabilities featureHow cybersecurity leaders can defend against the spur of AI-driven NHIBy Maria Korolov Jul 2, 2025 12 minsGenerative AIIdentity Management SolutionsIdentity and Access Management newsLLMs are guessing login URLs, and it’s a cybersecurity time bombBy Shweta Sharma Jul 1, 2025 4 minsGenerative AIPhishingSecurity View topic Cybercrime newsUS Treasury Department sanctions individuals and entities over illegal IT worker schemeBy Lynn Greiner Jul 9, 2025 4 minsCybercrimeGovernment newsHunters International shuts ransomware operations, reportedly becomes an extortion-only gangBy Howard Solomon Jul 3, 2025 6 minsCybercrimeRansomwareSecurity newsUS DOJ makes progress combatting North Korean remote IT worker schemesBy Lynn Greiner Jun 30, 2025 4 minsFraudGovernmentIdentity Theft View topic Careers interviewClément Domingo: “We are not using AI correctly to defend ourselves”By Víctor Manuel Fernández Jul 18, 2025 7 minsArtificial IntelligenceCareersStartups featureHow CISOs are training the next generation of cyber leadersBy Aimee Chanthadavong Jul 9, 2025 9 minsCSO and CISOCareersIT Leadership featureHow talent-strapped CISOs can tap former federal government cyber prosBy Carrie Pallardy Jul 8, 2025 8 minsCSO and CISOCareersIT Skills View topic IT Leadership featureHas CISO become the least desirable role in business?By Esther Shein Jul 7, 2025 12 minsBusiness IT AlignmentCSO and CISORisk Management feature10 tough cybersecurity questions every CISO must answerBy Mary K. Pratt Jun 23, 2025 11 minsBusiness IT AlignmentCSO and CISOThreat and Vulnerability Management feature2025 CSO Hall of Fame honoreesBy CSO events Jun 12, 2025 5 minsCareersData and Information SecurityRisk Management View topic In depth FeatureWho owns your data? SaaS contract security, privacy red flagsCompanies looking to use SaaS solutions should involve the security team in the procurement process and pay attention to contract language.By Andrada FiscuteanMar 27, 202410 mins Data and Information Security Read the Article Podcasts podcastsSponsored by Microsoft SecurityStrengthen and Streamline Your SecurityThis podcast series brought to you by Microsoft and IDG, will explore the core components of a modern security strategy, with insights and tips from leading security experts. We’ll discuss how ongoing and ever-changing threats, a growing security stack, and a shift to remote work make it difficult for CISOs and their security teams to balance enterprise-grade security with end-user productivity.4 episodesData and Information Security Ep. 03 Episode 3: The Zero Trust Model Jun 28, 202315 mins CSO and CISOMultifactor AuthenticationRemote Work Ep. 04 Episode 4: Reduce SOC burnout Jun 28, 202315 mins CSO and CISOPhishingRemote Work Upcoming Events11/Aug-13/Aug in-person event CIO 100 Symposium & AwardsAug 11, 2025Fairmont Princess, Scottsdale AZ Business ContinuityEventsIT Leadership 20/Oct-22/Oct in-person event CSO Conference + Awards 2025Oct 20, 2025Grand Hyatt Indian Wells Resort & Villas, Indian Wells, CA CSO and CISOCyberattacksData and Information Security View all events Show me moreLatestArticlesPodcastsVideos news AMD discloses new CPU flaws that can enable data leaks via timing attacks By Gyana SwainJul 10, 20255 mins SecurityVulnerabilities news analysis MCP is fueling agentic AI — and introducing new security risks By Maria KorolovJul 10, 20259 mins Artificial IntelligenceData and Information SecurityVulnerabilities news Warning to ServiceNow admins: Fix your access control lists now By Howard SolomonJul 9, 20251 min Access ControlVulnerabilities podcast Navigating ransomware attacks while proactively managing cyber risks Jun 20, 202517 mins CybercrimeRansomware podcast CSO Executive Sessions: How AI and LLMs are affecting security in the financial services industry Mar 20, 202513 mins CSO and CISOFinancial Services IndustrySecurity Operations Center podcast CSO Executive Sessions: How cybersecurity impacts company ratings – A fey factor for investors and consumers Feb 12, 202527 mins Security video Navigating ransomware attacks while proactively managing cyber risks Jun 20, 202517 mins CybercrimeRansomware video CSO30 winner Vishwanath Nair on balancing the tech and human element of cyber defence Jun 17, 202540 mins CSO and CISOGovernment ITHealthcare Industry video Standard Chartered’s Alvaro Garrido on AI threats and what CIOs/CISOs must know in their AI journey Apr 10, 202514 mins CIOCSO and CISOFinancial Services Industry