Enterprise Spotlight: Setting the 2026 IT Agenda
IT leaders are setting their operations strategies for 2026 with an eye toward agility, flexibility, and tangible business results. Download the January 2026 issue of…
Category: CISOOnline
5-month-old F5 BIG-IP DoS bug becomes critical RCE exploited in the wild
“When F5 CVE-2025-53521 first emerged last year as a denial-of-service issue, it didn’t immediately signal urgency, and many system administrators likely prioritized it accordingly,” Benjamin…
Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack
The attack follows a series of supply chain attacks that impacted multiple open-source projects across different package repositories over the past several weeks, most of…
OpenAI patches twin leaks as Codex slips and ChatGPT spills
ChatGPT’s hidden outbound channel leaks user data OpenAI has reportedly fixed a parallel bug in ChatGPT that goes beyond credential theft. Check Point researchers uncovered…
8 ways to bolster your security posture on the cheap
8. Double-down on cybersecurity fundamentals One of the most effective low-cost security strategies is to double down on fundamentals such as identity protection, patching, visibility,…
Why Kubernetes controllers are the perfect backdoor
In my years securing cloud-native environments, I’ve noticed a recurring blind spot. We obsess over the “front doors” such as exposed dashboards, misconfigured RBAC, or…
Fortinet hit by another exploited cybersecurity flaw
The flaw is described as “an improper neutralization of special elements” used in a SQL command vulnerability. This means that a single HTTP request with…
Leak reveals Anthropic’s ‘Mythos,’ a powerful AI model aimed at cybersecurity use cases
The indecision over the model’s name, though, didn’t stop it from rattling markets last week. Shares of cybersecurity vendors, including CrowdStrike, Palo Alto Networks, Zscaler,…
LangChain path traversal bug adds to input validation woes in AI pipelines
Back to the basics The exploit technique described in the report relies on insufficient input validation and unsafe handling of data across key integration points…
APIs are the new perimeter: Here’s how CISOs are securing them
As Subramaniam explains, “AI agentic systems, which autonomously access APIs to perform tasks, complicate API security by expanding the attack surface, enabling dynamic and unpredictable…
Data Security Posture Management: Die besten DSPM-Tools
Data Security Posture Management erfordert nicht nur die richtigen Tools, sondern auch eine entsprechende Vorbereitung. Foto: Rawpixel.com | shutterstock.com Cloud Computing ist von Natur aus…
AI is breaking traditional security models — Here’s where they fail first
Adopting LLM-based AI-assisted security triage helps accelerate how teams detect, triage and prioritize those vulnerability findings and thus eliminates the delay between identifying issues and…