Laden...
CSO US First Look
The day's top cybersecurity news and in-depth coverage
March 27, 2025
7 cutting-edge encryption techniques for reimagining data security
From private information retrieval to federated learning, new approaches to securing information are not only resulting in practical data security solutions but also ways of rethinking data foundations.
Read more
Sponsored by Snyk: Strengthen Developer Security with These 6 Essential Best Practices
Fast-growing tech companies move at breakneck speedâbut security canât be left behind. Thatâs why Snyk created 6 Best Practices for Developer Security in the Technology Industry to help your teams build and ship secure software without slowing down innovation. Get your copy today!
Even anti-scammers get scammed: security expert Troy Hunt pwned by phishing email
Illustrating that there is no such thing as immunity from phishing, the founder of the Have I Been Pwned? website admits to being taken in by an email that exposed his Mailchimp access.
VMware plugs a high-risk vulnerability affecting its Windows-based virtualization
Improper access control issues in VMware Tools for Windows could allow privilege escalation on affected virtual machines.
Critical RCE flaws put Kubernetes clusters at risk of takeover
The vulnerabilities dubbed IngressNightmare can allow unauthenticated users to inject malicious NGINX configurations and execute malicious code into the Ingress NGINX pod, potentially exposing all cluster secrets and leading to cluster takeover.
Warning for developers, web admins: update Next.js to prevent exploit
Install the latest version to close critical authorization bypass vulnerability.
New VanHelsing ransomware claims three victims within a month
The new Russian ransomware program â accessible to affiliates at $5,000 â offers variants targeting Windows, Linux, BSD, ARM, and ESXi systems.
© 2025
