Vulnerability Management

UK Cyber Security and Resilience Bill Introduces Stricter Rules for Critical Infrastructure

Cyber Laws & Regulations

UK Cyber Security and Resilience Bill Introduces Stricter Rules for Critical Infrastructure

The United Kingdom has introduced new legislation to boost cybersecurity defenses for hospitals, energy systems, water supplies,...

Modern Patch Management: Closing the Remediation Gap to Prevent Breaches

Blue-Team

Modern Patch Management: Closing the Remediation Gap to Prevent Breaches

Many organizations continue to struggle with the fundamental security task of patching software vulnerabilities quickly enough to...

NAKIVO v11.1 Enhances Disaster Recovery with Real-Time Replication and MSP Security

Blue-Team

NAKIVO v11.1 Enhances Disaster Recovery with Real-Time Replication and MSP Security

NAKIVO Inc. has launched Backup & Replication v11.1, a substantial update that significantly expands the platform’s disaster...

Microsoft 365 Outage Analysis: A Pattern of Service Instability in 2025

Blue-Team

Microsoft 365 Outage Analysis: A Pattern of Service Instability in 2025

A significant Microsoft 365 outage is actively preventing users from accessing critical services, including Microsoft Teams and...

Microsoft Exchange Online Implements Default Auto-Archiving to Manage Mailbox Growth

News

Microsoft Exchange Online Implements Default Auto-Archiving to Manage Mailbox Growth

Microsoft has initiated a significant change in Exchange Online by enabling threshold-based auto-archiving by default for all...

Critical Authentication Bypass in Service Finder WordPress Theme Actively Exploited

CVE News

Critical Authentication Bypass in Service Finder WordPress Theme Actively Exploited

A critical security vulnerability in the Service Finder WordPress theme and its accompanying Bookings plugin is being...

Docker’s Hardened Images: A Security-First Approach to Container Supply Chain

Blue-Team

Docker’s Hardened Images: A Security-First Approach to Container Supply Chain

Docker has fundamentally changed its approach to container security by making its Hardened Images catalog available through...

Google’s AI Bug Bounty Program: A Technical Analysis for Security Professionals

Bug Bounties & Responsible Disclosure

Google’s AI Bug Bounty Program: A Technical Analysis for Security Professionals

Google has formally launched a dedicated AI Vulnerability Reward Program (AI VRP), creating a structured channel for...

Supreme Court Ruling on Google Play Store: Security Implications of Forced App Store Competition

Cyber Laws & Regulations

Supreme Court Ruling on Google Play Store: Security Implications of Forced App Store Competition

The U.S. Supreme Court has denied Google’s emergency request to block a major antitrust injunction, compelling significant...

Critical GoAnywhere MFT Vulnerability Actively Exploited by Medusa Ransomware

CVE News

Critical GoAnywhere MFT Vulnerability Actively Exploited by Medusa Ransomware

A critical vulnerability in Fortra’s GoAnywhere Managed File Transfer (MFT) software, tracked as CVE-2025-10035, is being actively...

Zeroday Cloud Hacking Contest Unites Tech Giants with $4.5 Million Bounty Pool

Bug Bounties & Responsible Disclosure

Zeroday Cloud Hacking Contest Unites Tech Giants with $4.5 Million Bounty Pool

A new hacking competition called Zeroday Cloud has announced a total prize pool of $4.5 million in...

Redis Critical RCE Vulnerability Puts Thousands of Instances at Risk

CVE News

Redis Critical RCE Vulnerability Puts Thousands of Instances at Risk

The Redis security team has issued patches for a critical, maximum-severity vulnerability that enables authenticated attackers to...

Critical Unity Engine Vulnerability CVE-2025-59489: Technical Analysis and Industry Response

CVE News

Critical Unity Engine Vulnerability CVE-2025-59489: Technical Analysis and Industry Response

A significant security vulnerability, tracked as CVE-2025-59489, has been identified within the Unity game engine, posing a...

Zimbra Zero-Day Exploited via Malicious iCalendar Files

CVE News

Zimbra Zero-Day Exploited via Malicious iCalendar Files

Security researchers have identified a new zero-day attack campaign targeting Zimbra Collaboration Suite (ZCS) that leverages malicious...

DrayTek Router Security Crisis: Critical RCE and Global Reboot Incident Explained

CVE News

DrayTek Router Security Crisis: Critical RCE and Global Reboot Incident Explained

Networking hardware manufacturer DrayTek is confronting a significant security crisis involving multiple vulnerabilities in its Vigor router...

HackerOne’s $81 Million Bug Bounty Payout Signals AI Security Surge

Bug Bounties & Responsible Disclosure

HackerOne’s $81 Million Bug Bounty Payout Signals AI Security Surge

The bug bounty ecosystem is experiencing unprecedented growth, with HackerOne announcing it paid out $81 million in...

Allianz Life Data Breach: A Case Study in Third-Party Social Engineering

Data Breach

Allianz Life Data Breach: A Case Study in Third-Party Social Engineering

Allianz Life Insurance Company of North America has confirmed that a July 2025 cyberattack compromised the personal...

Western Digital Patches Critical My Cloud Command Injection Vulnerability

CVE News

Western Digital Patches Critical My Cloud Command Injection Vulnerability

Western Digital has released firmware updates to address a critical-severity vulnerability in multiple My Cloud Network Attached...

AI in Vulnerability Management: A Trust but Verify Approach

Security Tools & Research

AI in Vulnerability Management: A Trust but Verify Approach

The integration of artificial intelligence into cybersecurity workflows promises unprecedented speed in vulnerability detection and code generation....

Fortra GoAnywhere MFT Zero-Day Exploited Prior to Patch Release

CVE News

Fortra GoAnywhere MFT Zero-Day Exploited Prior to Patch Release

A critical vulnerability in Fortra’s GoAnywhere Managed File Transfer (MFT) software, tracked as CVE-2025-10035, was actively exploited...

Posts pagination

1 2 3 4 … 17 Next

Vulnerability Management

UK Cyber Security and Resilience Bill Introduces Stricter Rules for Critical Infrastructure

Critical Authentication Bypass in Service Finder WordPress Theme Actively Exploited

Google’s AI Bug Bounty Program: A Technical Analysis for Security Professionals

Supreme Court Ruling on Google Play Store: Security Implications of Forced App Store Competition

Critical GoAnywhere MFT Vulnerability Actively Exploited by Medusa Ransomware

Redis Critical RCE Vulnerability Puts Thousands of Instances at Risk

Critical Unity Engine Vulnerability CVE-2025-59489: Technical Analysis and Industry Response

Zimbra Zero-Day Exploited via Malicious iCalendar Files

DrayTek Router Security Crisis: Critical RCE and Global Reboot Incident Explained

HackerOne’s $81 Million Bug Bounty Payout Signals AI Security Surge

Western Digital Patches Critical My Cloud Command Injection Vulnerability

AI in Vulnerability Management: A Trust but Verify Approach

Fortra GoAnywhere MFT Zero-Day Exploited Prior to Patch Release

You may have missed

ClickFix Malware Campaigns Resurrect Decades-Old Finger Protocol for Command Retrieval

North Korean IT Worker Scheme: A Technical Analysis of Infiltration and Fraud

Digital Passport Integration in Mobile Wallets: A Security Analysis

U.S. Launches Scam Center Strike Force to Combat $10 Billion Crypto Fraud Networks