Big tech firms continue to push back against fines levied for alleged violations of European data protection law, in what could be a harbinger for AI regulations to come. While lawyers and experts quizzed by CSO broadly argue that big tech firms contesting data protection rules isn’t a particular cause for concern, the more widespread…
Tag: continue
AI, Compliance, Cybersecurity, Endpoint, Global Security News, Network Security
Services Revenue Becomes the Channel’s Growth Engine
Halfway into 2026, managed services continue to emerge as one of the industry’s strongest growth engines. Gone are the days when infrastructure deals and one-time product sales dominated partner revenue. Increasingly, the real opportunity lies in the services surrounding technology, from AI advisory and deployment to cybersecurity management and implementation. In this article, we examine…
AI, Global Security News, privacy, Risk Management
Turns out the C-suite loves shadow AI
Senior decision-makers are the heaviest users of unapproved AI tools, and they continue using them despite being aware of the security and privacy risks linked to shadow AI, according to TrustedTech’s Shadow AI in the Workplace report. The study found that 65% of decision-makers use shadow AI, compared with 31% of employees below decision-maker level.…
AI, Global Security News, Risk Management
The scam economy has found its AI upgrade
Scam attempts continue to reach consumers via email, text messages, social media, online advertising, and phone calls. The volume of exposure has remained stable over the past year, with more than half of consumers encountering scam attempts at least monthly, according to the F-Secure Scam Intelligence & Impacts Report 2026. Most common channels for scam…
AI, Compliance, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
Cisco Reveals Security Gaps in Vision Language Models
Vision language models (VLMs) continue to expand the capabilities of artificial intelligence by combining image and text understanding into a single system. However, recent research from Cisco into typographic prompt injection attacks highlights significant weaknesses in how these models interpret and secure visual information. The second installment of Reading Between the Pixels explores how small…
AI, Global Security News
Brush shell 0.4.0 tightens script safety, widens platform support
Rust-based alternatives to traditional Unix shells continue to attract users who want bash compatibility alongside built-in features like syntax highlighting and history-based suggestions. Brush, a bash- and POSIX-compatible shell written in Rust, sits in that group, and version 0.4.0 brings more than 200 merged pull requests representing several months of development. Bash features filled in…
AI, Global Security News
Visual Studio Code 1.118 adds auto model selection to Copilot CLI
Microsoft’s editor releases continue on a monthly cadence, with the Insiders build of Visual Studio Code 1.118. The update concentrates on the Copilot CLI integration, session management in the Agents app, and an opt-in path for TypeScript 7.0. Copilot CLI gains auto model selection Two separate entries in the changelog add automatic model selection to…
AI, Funding, Global Security News
Ex-Twitter CEO’s AI Startup Raises Funds at $2 Billion Valuation
Parallel Web Systems raised $100 million in Series B funding to continue building web search for AI agents.
AI, Global Security News, malware
Fresh Wave of GlassWorm VS Code Extensions Slices Through Supply Chain
Attackers continue to scale a campaign to seed Open VSX with seemingly benign VS Code extensions that spread self-propagating malware.
china, Global Security News, Government & Policy
GopherWhisper APT group hides command and control traffic in Slack and Discord
Attackers continue to lean on everyday collaboration platforms to hide command and control traffic inside normal enterprise noise. A newly identified China-aligned APT group pushes that trend further, running its operations through Slack workspaces, Discord servers, Outlook drafts, and the file.io sharing service. GopherWhisper toolset overview ESET researchers have named the group GopherWhisper and tied…
AI, Cybersecurity, Exploits, Global Security News, Network Security
Vuln in Google’s Antigravity AI agent manager could escape sandbox, give attackers remote code execution
As organizations consider agentic AI for their business and IT stacks, researchers continue to find bugs and vulnerabilities in major, commercial models that can significantly expand their attack surface. This week, researchers at Pillar Security disclosed a vulnerability in Antigravity, an AI-powered developer tool for filesystem operations made by Google. The bug, since patched, combined…
AI, Global Security News
Global RAM shortage appears set to continue through 2027
The ongoing shortage of memory chips looks likely to continue throughout the year as demand from the AI sector surges. According to Nikkei Asia, leading manufacturers are expected to be able to meet only about 60% of global demand despite expansion plans. Although new factories are on the way, several of them are not expected…
AI, Global Security News, Risk Management
AI frenzy feeds credential chaos, secrets spread through code, tools, and infrastructure
Code keeps moving through pipelines, and credentials continue to surface alongside it. GitGuardian’s State of Secrets Sprawl 2026 puts the count at 28.65 million new hardcoded secrets in public GitHub commits in 2025, extending a multi-year rise in exposed access keys, tokens, and passwords. Public and internal repositories that contain at least one secret (Source:…
AI, Cybersecurity, Endpoint, Exploits, Global Security News, malware, Risk Management
CVE-2026-3910: Chrome V8 Zero-Day Used for In-the-Wild Attacks
Chrome zero-days continue to pose a major risk for cyber defenders. Earlier this year, Google patched CVE-2026-2441, the first actively exploited Chrome zero-day of 2026. Now, another emergency update has been released, fixing two more flaws already exploited in the wild, CVE-2026-3910 in Chrome’s V8 JavaScript and WebAssembly engine and CVE-2026-3909, an out-of-bounds write bug…
Global Security News
What cybersecurity actually does for your business
The ability to continue operating safely in an unsafe environment where competitors cannot is a competitive advantage that is rarely measured or discussed
AI, Apps, Exploits, Global Security News, Risk Management
Your dependencies are 278 days out of date and your pipelines aren’t protected
Applications continue to ship with known weaknesses even as development workflows speed up. A new Datadog State of DevSecOps 2026 report examines how dependency management and pipeline practices are influencing exposure across cloud native environments. Across the environments studied, 87% of organizations run at least one exploitable vulnerability in production services, affecting 40% of those…
AI, Data Breaches, Global Security News
Ransomware activity peaks outside business hours
Intrusions continue to center on credential access and timed execution outside standard business hours. The Sophos Active Adversary Report 2026 analyzes 661 incident response and managed detection and response cases handled between November 1, 2024 and October 31, 2025, spanning organizations in 70 countries. The dataset examines how attackers gain access, how quickly they reach…
Cybersecurity, Global Security News, Network Security, Risk Management
Industrial networks continue to leak onto the internet
Industrial operators continue to run remote access portals, building automation servers, and other operational technology services on public IP address ranges. Palo Alto Networks, Siemens, and Idaho National Laboratory describe the scope of that exposure in the Intelligence-Driven Active Defense Report 2026. Top TTPs mapped from detected signatures within OT networks (Source: Palo Alto Networks)…
AI, Exploits, Global Security News
Open-source benchmark EVMbench tests how well AI agents handle smart contract exploits
Smart contract exploits continue to drain funds from blockchain projects, even as auditing tools and bug bounty programs grow. The problem is tied to how Ethereum Virtual Machine (EVM) contracts work: code is deployed permanently, runs autonomously, and often controls large pools of assets. That environment has created demand for better ways to measure whether…
AI, Cybersecurity, Global Security News, Network Security
Why secure OT protocols still struggle to catch on
Industrial control system networks continue to run on legacy communication protocols that were built for reliability and uptime, not authentication or data integrity. In many environments, malicious actors with access to the OT network can impersonate devices, issue unauthenticated commands, or modify messages in transit without detection. A new guidance document from the Cybersecurity and…
AI, Global Security News
Why your AI ambition needs an operational reality check
GUEST OPINION: Organisations continue to adopt artificial intelligence (AI), yet many projects still falter for reasons unrelated to the technology itself. AI is advancing quickly, though it remains a tool, not a cure-all. The real challenge is the growing number of companies deploying AI without a clear strategy for how AI is meant to operate…
AI, Cybercrime, Cybersecurity, Global Security News, News
AI is driving a new kind of phishing at scale
Email remains a primary entry point for attackers, and security teams continue to manage high volumes of malicious messages that change form across campaigns. Attackers generate large numbers of messages with small variations in wording, structure, and delivery paths. AI systems now sit at the center of this activity, supporting generation, testing, and rollout of…