Attackers exploit Palo Alto GlobalProtect flaw days after disclosure
A Palo Alto Networks vulnerability that allows attackers to establish unauthorized VPN access into corporate networks […]
Attack targeting OpenAI Codex users exposes AI software supply chain risks
A malicious npm package posing as a remote user interface for OpenAI Codex exfiltrated developer authentication […]
Post-Quantum Readiness for BFSI: What RBI-Regulated Institutions Need to Plan For Now
The quantum threat to financial infrastructure is no longer a theoretical concern for a distant decade. […]
7 tabletop exercise mistakes that sabotage incident response
Discussion-based, low-stress simulations during which IT, legal, and other key leadership stakeholders walk through theoretical scenarios […]
Post-Quantum Computing Will Decrypt Your Data, Act Now
Your encrypted data may already be in the wrong hands. Not decrypted yet but stored, waiting. […]
Oracle’s first monthly patch release fixes 35 flaws, including 11 rated ‘critical’
Oracle has released the first security fixes in its new monthly Critical Security Patch Update (CSPU) […]
Flowise’s MCP implementation can run ghost commands
Enterprises using the lightweight, open-source Flowise platform to power self-hosted AI workloads have a new near-max […]
6 critical security gaps every CISO must address
CISOs acknowledge that no organization is completely safe, but many also admit their security measures aren’t […]
CSO30 ASEAN & Hong Kong Awards 2026 open for nominations
The CSO30 ASEAN & Hong Kong Awards return in 2026, as an important moment to recognise […]
‘ChatGPhish’ Attack Turns ChatGPT Summaries Into Phishing Lures
Permiso researchers found ChatGPhish, a prompt-injection issue that can cause ChatGPT summaries to display phishing links, […]