Forget stolen credentials and misconfigurations; AI means vulnerability exploits that beat patching cycles are the top cause of compromises in the cloud.

Google Cloud report details a sharp rise in attackers exploiting software vulnerabilities, including React2Shell ...

CVE-2021-22681, an old vulnerability affecting ICS products from Rockwell Automation, has been exploited in attacks.

Last year, The European Union Agency for Cybersecurity (ENISA) launched the European Union’s Vulnerability Database (EUVD), which marked a pivotal moment in the evolution of global cybersecurity. For ...

New Google report suggests cloud misconfigurations are on the decline, forcing crooks to pivot.

For a software vendor, telling the world about the latest security vulnerability is always a delicate balancing act. Customers need information quickly, starting with the flaw’s severity rating and ...

A critical CrushFTP vulnerability now under exploitation in the wild has become mired in controversy and confusion. On March 31, the Shadowserver Foundation reported that exploitation activity was ...

Exploited CVEs increased by a fifth in 2024, according to analysis by VulnCheck, with increased transparency and improved monitoring playing a role. Still, proactive measures are vital. Almost one in ...

The high-severity flaw can be exploited to enable remote execution of code or denial of service, Cisco says. Cisco reported Wednesday that a zero-day vulnerability impacting its IOS and IOS XE ...

Cisco has handed security teams one of the largest ever patching workloads affecting its firewall products, including fixes ...

Austin Gadient is CTO & cofounder of Vali Cyber. Vali’s product ZeroLock protects hypervisors and Linux systems from cyber attacks. Many organizations are familiar with patching, the standard practice ...

RapidFort Raises $42M Series A Led by Blue Cloud Ventures and Forgepoint Capital to Power the Next Generation of Software Supply Chain Defense RapidFort, the technical leader defining the next ...