Loading...
CSO Security Leadership
The day's top cybersecurity news and in-depth coverage
April 28, 2025
10 key questions security leaders must ask at RSA 2025
Agentic AI, platform hype, identity management, and economic uncertainty will dominate the RSA agenda. But discussions with fellow attendees will provide the real payoff.
Read more
Sponsored by Ivanti: Align Cybersecurity Operations with Business Priorities
48% of organizations admit they're using End-of-Life software. In our State of Cybersecurity Report, discover how core principles of exposure management provides the key to proactive protection from cyber attacks that align with your organization's goals.
Cybercriminals switch up their top initial access vectors of choice
Vulnerability exploitation, including attacks on network edge devices, has leapfrogged phishing to become a key factor in many security breaches, according to Verizonâs DBIR.
SAP NetWeaver customers urged to deploy patch for critical zero-day vulnerability
The unrestricted file upload flaw is likely being exploited by an initial access broker to deploy JSP web shells that grant full access to servers and allow installing additional malware payloads.
Darcula phishing toolkit gets AI boost, democratizing cybercrime
Darculaâs new AI-integrated phishing toolkit allows criminals to create customized, multi-language phishing kits in minutes â no technical skill required.
As clock ticks, vendors slowly patch critical flaw in AMI MegaRAC BMC firmware
Lenovo patches have now appeared as the slow-motion industry effort to fix the issue trundles on.
Lesson from huge Blue Shield California data breach: Read the manual
Data on 4.7 million members was captured over almost four years from a misconfiguration that sent Google Analytics data to Google Ads.
© 2025
