AISLE Researchers Identify 12 New Security Vulnerabilities in OpenSSL Using AI-Driven Discovery

The vulnerabilities disclosed in this release span multiple components of OpenSSL and affect a wide range of supported ...
The Hacker News

CISA Updates KEV Catalog with Four Actively Exploited Software Vulnerabilities

CISA added four actively exploited vulnerabilities to its KEV catalog, urging U.S. federal agencies to apply fixes by February 12, 2026.
The Hacker News

Microsoft Office Zero-Day (CVE-2026-21509) - Emergency Patch Issued for Active Exploitation

Microsoft released out-of-band patches for an actively exploited Microsoft Office zero-day, CVE-2026-21509, a security ...

CISA confirms active exploitation of four enterprise software bugs

The Cybersecurity and Infrastructure Security Agency (CISA) in the U.S. warned of active exploitation of four vulnerabilities ...
Infosecurity-magazine.com

SAP Fixes Critical Vulnerability After Evidence of Exploitation

German software company SAP has finally disclosed and fixed a highly critical vulnerability in the NetWeaver Visual Composer development server after evidence of exploitation in the wild. NetWeaver ...
Morningstar

Software Vulnerabilities Surged 61% in 2024, with Exploits Nearly Doubling, Action1 Report Finds

With vulnerability exploitation nearly doubling and critical weaknesses continuing to rise, it's clear that threat actors are accelerating their efforts while software ecosystems grow more complex.
The Register on MSN

Patch or die: VMware vCenter Server bug fixed in 2024 under attack today

If you skipped it back then, now’s a very good time You've got to keep your software updated. Some unknown miscreants are exploiting a critical VMware vCenter Server bug more than a year after ...
Nature

Software Vulnerability Management and Economic Models

Software vulnerability management has emerged as a cornerstone of modern cybersecurity, combining technical strategies for identifying and patching vulnerabilities with sophisticated economic models ...
Nasdaq

New Black Duck Research Finds High-Risk Sectors Riddled with Critical Vulnerabilities

BURLINGTON, Mass., Nov. 12, 2024 /PRNewswire/ -- Black Duck® Software, Inc. ("Black Duck") today announced the publication of the "2024 Software Vulnerability Snapshot" report highlighting various ...

Zoom and GitLab Patch RCE, DoS, and 2FA Bypass Vulnerabilities

Both platforms serve as backbone infrastructure for remote work and software development, making these flaws particularly dangerous for business continuity.
Hosted on MSN

Vulnerability exploitation: The dangers of the open LLM model boom

For a software vendor, telling the world about the latest security vulnerability is always a delicate balancing act. Customers need information quickly, starting with the flaw’s severity rating and ...
Infosecurity-magazine.com

Learning from 2024: An Unprecedented Exploitation of Remote Access Technologies

The continuous exploitation of traditional remote access technologies such as VPNs has been a recurring feature in the past year in cybersecurity. This trend has been growing since the huge surge in ...