Laden...
CSO US First Look
The day's top cybersecurity news and in-depth coverage
January 09, 2025
SOAR buyerâs guide: 11 security orchestration, automation, and response products â and how to choose
While the category is aging, the need for better automation and leveraging AI is still very much needed to defend the enterprise stack.
Read more
Critical Mitel, Oracle flaws find active exploitation, CISA urges patching
CISA added the flaws to its known vulnerability catalog, recommending swift patching pursuant to Binding Operational Directive (BOD) 22-01.
Russian hackers turn trusted online stores into phishing pages
The PhishWP WordPress plugin is well-equipped to turn legitimate shopping sites into phishing pages that capture sensitive payment and browser details.
Gen AI is transforming the cyber threat landscape by democratizing vulnerability hunting
Large language models (LLMs) are proving to be valuable tools for discovering zero-days, bypassing detection, and writing exploit code â thereby lowering the barrier to entry for pen-testers and attackers alike.
US military allocated about $30 billion to spend on cybersecurity in 2025
The 2025 NDAA provides the US military with funding to rip Chinese gear out of telecom networks, protect mobile devices from foreign spyware, create an AI security center, and much more.
More telecom firms were breached by Chinese hackers than previously reported
Salt Typhoonâs latest victims include Charter, Consolidated, and Windstream, underscoring the widening scope of China's cyberespionage campaign against critical US infrastructure.
Open source vulnerability scanner found with a serious vulnerability in its own code
The flaw could allow attackers to bypass Nucleiâs template signature verification process to inject malicious codes into host systems.
© 2025
