CSO US First Look
The day's top cybersecurity news and in-depth coverage
July 05, 2025
Beyond CVE: The hunt for other sources of vulnerability intel
Were the CVE program to be discontinued, security teams would have a hard time finding one resource that would function with the same impact across the board. Here are current issues of relying on CVE and some existing options to look into.
Read more
Hunters International shuts ransomware operations, reportedly becomes an extortion-only gang
As a parting gift, the gang is offering free decryption keys to victim firms.
Hardcoded root credentials in Cisco Unified CM trigger max-severity alert
Static root credentials left in limited Unified Communications Manager builds could let attackers gain full control over enterprise communications systems.
Scattered Spider shifts focus to airlines as strikes hit Hawaiian, WestJet â and now Qantas
Cybersecurity giants and the FBI warn that the notorious hacking group is now targeting the aviation sector with advanced social engineering tactics, raising alarms during peak travel season.
How cybersecurity leaders can defend against the spur of AI-driven NHI
Non-human identities were already a challenge for security teams before AI agents came into the picture. Now, companies that haven't come to grips with this problem will see it become even more critical.
AI supply chain threats loom â as security practices lag
Recent findings of AI ecosystem insecurities and attacks show how important MLSecOps is to securing AI strategies from complex and often highly concealed risks.
CISOs must rethink defense playbooks as cybercriminals move faster, smarter
Facing faster, stealthier intruders, CISOs are under pressure to modernize their cybersecurity strategies, toolsets, and tactics. From detection to post-mortem, here are key points of renewed emphasis.
