Latest from todayNews AnalysisThe cyber winners and losers in Trump’s 2027 budgetThe administration’s 2027 civilian agencies budget trims federal cybersecurity spending despite escalating threats, with deep cuts at CISA even as other agencies see boosts.By Cynthia BrumfieldApr 10, 20267 minsBudgetingGovernmentTechnology Industry News Analysis Patch windows collapse as time-to-exploit acceleratesBy John LeydenApr 9, 20265 minsCyberattacksCybercrimePatch Management SoftwareNews Analysis What Anthropic Glasswing reveals about the future of vulnerability discoveryBy Cynthia BrumfieldApr 7, 20265 minsApplication SecurityDevSecOpsTechnology Industry News AnalysisCloudflare ‘actively adjusting’ quantum priorities in wake of Google warningBy John Leyden Apr 9, 20265 minsData and Information SecurityEncryptionTechnology Industry NewsNew ClickFix variant bypasses Apple safeguards with one‑click script executionBy Shweta Sharma Apr 9, 20263 minsEndpoint ProtectionMacOS SecurityMalware NewsIran‑linked PLC attacks cause real‑world disruption at critical US infra sitesBy Gyana Swain Apr 8, 20265 minsCyberattacksCybercrimeSecurity NewsMicrosoft’s new Agent Governance Toolkit targets top OWASP risks for AI agentsBy Anirban Ghoshal Apr 8, 20263 minsArtificial IntelligenceRisk ManagementSecurity FeatureThe rise of proactive cyber: Why defense is no longer enoughBy Cynthia Brumfield Apr 7, 20269 minsData and Information SecurityGovernment ITNetwork Security Feature6 ways attackers abuse AI services to hack your businessBy John Leyden Apr 6, 20267 minsArtificial IntelligenceCyberattacksCybercrime More security newsnewsGoogle adds end-to-end Gmail encryption to Android, iOS devices for enterprisesIt's a valuable addition for organizations with compliance or privacy concerns, but to use the feature, customers must subscribe to the Enterprise Plus with Assured Controls edition of Premium Workspace.By Howard Solomon Apr 10, 2026 5 minsCommunications SecurityEmail SecurityEncryptionnews analysisOld Docker authorization bypass pops up despite previous patchA 10-year-old issue involving Docker Engine and the AuthZ authorization plug-in lives again to enable attackers to gain root-level access to host systems.By Lucian Constantin Apr 10, 2026 4 minsApplication SecuritySecurityVulnerabilitiesnewsHacker Unknown now known, named on Europol’s most-wanted listTwo ransomware criminals are actively sought by German police.By Maxwell Cooter Apr 10, 2026 2 minsHacker GroupsHackingRansomwarenewsHungarian government email passwords exposed ahead of electionAhead of Hungary’s parliamentary elections hackers have been stealing passwords, not stealing votes.By Maxwell Cooter Apr 10, 2026 2 minsAccess ControlAuthenticationPasswordsnewsClaude uncovers a 13‑year‑old ActiveMQ RCE bug within minutesThe decade-old ActiveMQ flaw was uncovered and weaponized in minutes, showing AI’s exploit-building potential amid the Mythos hype.By Shweta Sharma Apr 10, 2026 3 minsArtificial IntelligenceSecurityVulnerabilitiesopinionWhy most zero-trust architectures fail at the traffic layerYou can have the best ID system in the world, but if your traffic layer is a mess, hackers will just walk through a side door. True zero trust requires locking down the "plumbing" of your network.By Vishnu Gatla Apr 10, 2026 4 minsAccess ControlZero TrustZero-Day VulnerabilitiesopinionCMMC compliance in the age of AIFederal contracting is no longer about just saying you're secure; you have to prove it. Automation and AI are the only ways to keep up with the mountain of evidence required.By Jeff Ladner Apr 10, 2026 6 minsComplianceGovernmentLaws and RegulationsnewsHackers have been exploiting an unpatched Adobe Reader vulnerability for monthsThe exploit has been fingerprinting compromised computers to enable possible future attacks.By Howard Solomon Apr 9, 2026 6 minsSecurityVulnerabilitiesZero-Day VulnerabilitiesopinionWeak at the seamsWe’ve spent billions on security tools, but we’re still falling behind because our systems are too tightly coupled. One tiny glitch in a shared platform can now tank entire global industries.By Torrell Funderburk Apr 9, 2026 8 minsComplianceCyberattacksCybercrimenewsQuestions raised about how LinkedIn uses the petabytes of data it collectsA European company selling browser extensions that leverage LinkedIn data is accusing the Microsoft unit of using its data to identify religious and political beliefs, and selling that info to third-parties.By Evan Schuman Apr 8, 2026 4 minsData PrivacyPrivacySecuritynewsHackers exploit a critical Flowise flaw affecting thousands of AI workflowsThe design flaw in Flowise’s Custom MCP node has allowed attackers to execute arbitrary JavaScript through unvalidated configurations.By Shweta Sharma Apr 8, 2026 3 minsArtificial IntelligenceSecurityVulnerabilitiesopinionLLM-generated passwords are indefensible. Your codebase may already prove itStop letting AI pick your passwords. They follow predictable patterns instead of being truly random, making them easy for hackers to guess despite looking complex.By Sunil Gentyala Apr 8, 2026 8 minsAccess ControlAuthenticationPasswords Show more Show less Video on demand video How Intelligence and AI Are Changing Cyber Defense | Erin Whitmore, Former CIA What if you could stop cyberattacks before they happen? In this episode of Cyber Sessions, host Joan Goodchild sits down with Erin Whitmore, former CIA case officer and current Head of the CYNTURION Group for CYPFER, to discuss how her team uses intelligence and AI to anticipate and prevent attacks before adversaries strike. Whitmore reveals how proactive cybersecurity is blending human intuition, artificial intelligence, and offensive tactics to predict threats — while balancing the line between privacy and protection. By Joan Goodchild Feb 4, 2026 28 minsCyberattacksCybercrime Inside the SMB Threat Landscape: AT&T’s Senthil Ramakrishnan on Why Small Businesses Are Cybercrime’s Favorite Target By Joan Goodchild Jan 13, 2026 23 mins CybercrimeSmall and Medium Business Inside Visa’s Cyber Defense: CISO Subra Kumaraswamy on blending AI and Human Defense By Joan Goodchild Dec 15, 2025 26 mins Application SecurityCSO and CISO CISO Reality: Record Pay, Rising Pressure, and Retention Risk By Joan Goodchild Dec 10, 2025 27 mins CSO and CISOSecurity Infrastructure See all videos Explore a topicGenerative AIApplication SecurityBusiness ContinuityBusiness OperationsCareersCloud SecurityComplianceCritical InfrastructureCybercrimeIdentity and Access ManagementIndustryIT LeadershipNetwork SecurityPhysical SecurityView all topics Spotlight: Setting the 2026 IT agenda Articles Buyer’s Guide Our annual State of the CIO Survey, now in its 25th year, highlights the ongoing evolution of the CIO role from IT operator to strategic business leader. The data is brought to life in conversations with IT leaders about their experience shaping enterprise strategy, enabling business growth, and leading cultural change. State of the CIO illuminates key areas of business and technology investment and this focus provides an ideal opportunity for sponsors to align with the opportunities highlighted by the research. View all Popular topicsGenerative AI featureThe CISO’s guide to responding to shadow AIBy Carrie Pallardy Mar 26, 2026 8 minsArtificial IntelligenceGenerative AISecurity opinionA 5-step approach to taming shadow AIBy Greg Neville Mar 11, 2026 7 minsArtificial IntelligenceGenerative AIRisk Management opinionHow to make LLMs a defensive advantage without creating a new attack surfaceBy Ankit Gupta Feb 27, 2026 9 minsGenerative AISecurity InfrastructureSecurity Operations Center View topic Cybercrime newsForest Blizzard leverages router compromises to launch AiTM attacks, target Outlook sessionsBy Nidhi Singal Apr 8, 2026 5 minsCyberattacksCybercrimeSecurity newsMicrosoft says Medusa-linked Storm-1175 is speeding ransomware attacksBy Prasanth Aby Thomas Apr 7, 2026 4 minsCybercrimeMalwareRansomware newsNorth Korean hackers abuse LNKs and GitHub repos in ongoing campaignBy Shweta Sharma Apr 6, 2026 4 minsCyberattacksCybercrimeSecurity View topic Careers featureWhat it takes to win that CSO roleBy David Weldon Mar 16, 2026 9 minsC-SuiteCSO and CISOCareers events promotionAnnouncing the 2026 CSO Hall of Fame honoreesBy CSO events Mar 11, 2026 5 minsCareersData and Information SecurityRisk Management featureHow to know you’re a real-deal CSO — and whether that job opening truly seeks oneBy David Weldon Mar 4, 2026 10 minsCSO and CISOCareersIT Leadership View topic IT Leadership opinion12 cyber industry trends revealed at RSAC 2026By Jon Oltsik Apr 3, 2026 8 minsEventsRSA ConferenceSecurity Practices featureEnterprise Spotlight: Setting the 2026 IT agendaBy CSO Staff Apr 1, 2026 1 minArtificial IntelligenceEnterprise Buyer’s GuidesIT Leadership feature8 ways to bolster your security posture on the cheapBy John Edwards Mar 31, 2026 7 minsBudgetingIT LeadershipRisk Management View topic In depth FeatureWho owns your data? SaaS contract security, privacy red flagsCompanies looking to use SaaS solutions should involve the security team in the procurement process and pay attention to contract language.By Andrada FiscuteanMar 27, 202410 mins Data and Information Security Read the Article Podcasts podcastsCyber Sessions with Joan GoodchildCybersecurity is constantly evolving, and so are the leaders who shape it. Hosted by veteran journalist Joan Goodchild, Cyber Sessions brings candid conversations with top CISOs, strategists, and industry influencers. Each episode cuts through the noise to explore the trends, challenges, and leadership insights that define the future of security.6 episodesSecuritySecurity Practices Ep. 06 How Intelligence and AI Are Changing Cyber Defense | Erin Whitmore, Former CIA By Joan Goodchild Jun 28, 202328 mins CyberattacksCybercrime Ep. 06 Inside the SMB Threat Landscape: AT&T’s Senthil Ramakrishnan on Why Small Businesses Are Cybercrime’s Favorite Target By Joan Goodchild Jun 28, 202323 mins CybercrimeSmall and Medium Business Upcoming Events16/Apr in-person event CIO 100 Leadership Live Los Angeles 2026Apr 16, 20268:30 am-4:30 pm (PT)Torrance Marriott Redondo Beach CIOCIO 100CIO Leadership Live 11/May-13/May conference CSO Cybersecurity Awards & Conference US 2026May 11, 2026Loews Nashville Hotel at Vanderbilt Plaza, Nashville, TN CSO and CISOCSO50IT Leadership View all events Show me moreLatestArticlesPodcastsVideos press release Sponsored by TechnologyWire Yael Nardi joins Minimus as Chief Business Officer to drive hyper-growth By TechnologyWireApr 8, 20262 mins IT Leadership opinion The zero-day timeline just collapsed. Here’s what security leaders do next By Solomon AdoteApr 8, 20265 mins SecurityVulnerabilitiesZero-Day Vulnerabilities opinion The tabletop exercise grows up By Cassio Goldschmidt and Lee CarstenApr 8, 20267 mins IT Skills and TrainingSecurity PracticesThreat and Vulnerability Management podcast CSO Executive Sessions ASEAN: From Compliance to Cyber Resilience-Securing Patient Trust in Southeast Asia’s Hospitals By Estelle QuekFeb 24, 202623 mins CyberattacksCybercrimeRansomware podcast How Intelligence and AI Are Changing Cyber Defense | Erin Whitmore, Former CIA By Joan GoodchildFeb 4, 202628 mins CyberattacksCybercrime podcast Inside the SMB Threat Landscape: AT&T’s Senthil Ramakrishnan on Why Small Businesses Are Cybercrime’s Favorite Target By Joan GoodchildJan 13, 202623 mins CybercrimeSmall and Medium Business video CSO Executive Sessions ASEAN: From Compliance to Cyber Resilience-Securing Patient Trust in Southeast Asia’s Hospitals By Estelle QuekFeb 24, 202623 mins CSO and CISOElectronic Health RecordsRansomware video CSO Executive Sessions ASEAN: The Human Firewall-Retention, AI Readiness, and Women in Cybersecurity By Estelle QuekJan 11, 202628 mins CyberattacksCybercrimeHuman Resources video CSO Executive Sessions Australia with Daisy Wong, Head of Security Awareness at Medibank Dec 14, 202538 mins CSO and CISO