What Boards Must Demand in the Age of AI-Automated Exploitation – The Hacker News
“You knew, and you could have acted. Why didn’t you?” This is the question you do not want to be asked. And increasingly, it’s the question leaders are forced to…
March 2026
Why zero trust breaks down in IoT and OT environments – CSO Online
Zero trust solves the wrong problem in OT Zero trust has become the dominant security narrative of the past decade, and rightly so. Its core principles, never trust, always verify;…
Did cybersecurity recently have its Gatling gun moment? – CSO Online
On the James River, Petersburg, VA, June of 1864, during the American Civil War, General Benjamin Butler, of the US Army, deployed a new weapon into the field that effectively…
Critical flaw in HPE Aruba CX switches lets attackers seize admin control without credentials – CSO Online
HPE Aruba Networking has released patches for five vulnerabilities in its AOS-CX switch software, the most severe of which could let a remote attacker take administrative control of enterprise network…
CSO Awards 2026 celebrates world-class security strategies – CSO Online
For more than a decade, the CSO Awards have recognized security projects that demonstrate outstanding thought leadership and business value. The award is an acknowledged mark of cybersecurity excellence. “This…
Announcing the 2026 CSO Hall of Fame honorees – CSO Online
Now entering its eighth year, the CSO Hall of Fame spotlights outstanding leaders who have significantly contributed to the practice of information risk management and security. This award honors trailblazers…
A 5-step approach to taming shadow AI – CSO Online
AI is being leveraged across organizations to boost productivity, accelerate innovation and optimize business processes. The problem is that adoption has outpaced discipline. Only a minority (23.8%) of organizations have…
Legal ‘V-Level’ set for 2028 launch – Legal Cheek
Equivalent to one A-Level A new vocational qualification in law is set to launch in 2028 as part of a sweeping overhaul of post-16 education in England, the government has…
Microsoft Patches 84 Flaws in March Patch Tuesday, Including Two Public Zero-Days – The Hacker News
Microsoft on Tuesday released patches for a set of 84 new security vulnerabilities affecting various software components, including two that have been listed as publicly known. Of these, eight are…
SRA issues warning over ‘no win, no fee’ arrangements: What law firms need to know – Legal Futures
While ‘no win, no fee’ agreements can offer crucial access to justice for individuals, the SRA’s warning highlights significant regulatory risks for firms that fail to comply with their obligations.…
Ropes & Gray raises London NQ pay to £170k – Legal Cheek
Rises for trainees too Ropes & Gray has bumped up its newly qualified (NQ) solicitor salaries in London to £170,000, a rise of just over 3% on the previous rate…
UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours – The Hacker News
A threat actor known as UNC6426 leveraged keys stolen following the supply chain compromise of the nx npm package last year to completely breach a victim’s cloud environment within a…
12 ways attackers abuse cloud services to hack your enterprise – CSO Online
Attackers are increasingly abusing trusted SaaS platforms, cloud infrastructure, and identity systems to blend malicious activity into legitimate enterprise traffic. Adversaries are pushing command and control (C2) through high-reputation services,…
Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets – The Hacker News
Cybersecurity researchers have discovered five malicious Rust crates that masquerade as time-related utilities to transmit .env file data to the threat actors. The Rust packages, published to crates.io, are listed…
Middle East Conflict Highlights Cloud Resilience Gaps – Dark Reading
Data centers — used by both governments and militaries for operations — are now fair game, not just for cyberattacks, but for kinetic attacks as well. – Read More