CISA confirms active exploitation of four enterprise software bugs

The Cybersecurity and Infrastructure Security Agency (CISA) in the U.S. warned of active exploitation of four vulnerabilities ...
The Hacker News

CISA Updates KEV Catalog with Four Actively Exploited Software Vulnerabilities

CISA added four actively exploited vulnerabilities to its KEV catalog, urging U.S. federal agencies to apply fixes by February 12, 2026.
Guru3D.com

Samsung Confirms Active Exploitation of High-Severity Vulnerability in SSD Magician Software

Samsung has issued a security warning confirming a serious vulnerability in its Samsung Magician SSD management software that is actively being exploited. The flaw affects Samsung Magician versions ...
Nature

Software Vulnerability Management and Economic Models

Software vulnerability management has emerged as a cornerstone of modern cybersecurity, combining technical strategies for identifying and patching vulnerabilities with sophisticated economic models ...
The Hacker News

SmarterMail Auth Bypass Exploited in the Wild Two Days After Patch Release

A newly patched SmarterMail flaws is being exploited in the wild, allowing attackers to reset admin passwords and gain SYSTEM ...
Nasdaq

New Black Duck Research Finds High-Risk Sectors Riddled with Critical Vulnerabilities

BURLINGTON, Mass., Nov. 12, 2024 /PRNewswire/ -- Black Duck® Software, Inc. ("Black Duck") today announced the publication of the "2024 Software Vulnerability Snapshot" report highlighting various ...
Morningstar

Software Vulnerabilities Surged 61% in 2024, with Exploits Nearly Doubling, Action1 Report ...

With vulnerability exploitation nearly doubling and critical weaknesses continuing to rise, it's clear that threat actors are accelerating their efforts while software ecosystems grow more complex.

Cisco fixes Unified Communications RCE zero day exploited in attacks

Cisco has fixed a critical Unified Communications and Webex Calling remote code execution vulnerability, tracked as ...
Infosecurity Magazine

Zero-Day Exploits Surge, Nearly 30% of Flaws Attacked Before Disclosure

VulnCheck analysts found that vulnerabilities exploited before being publicly disclosed rose from 23.6% in 2024 to 28.96% in 2025 ...
Infosecurity-magazine.com

SAP Fixes Critical Vulnerability After Evidence of Exploitation

German software company SAP has finally disclosed and fixed a highly critical vulnerability in the NetWeaver Visual Composer development server after evidence of exploitation in the wild. NetWeaver ...
CRN

Cisco Discloses Exploitation Of IOS Zero-Day Vulnerability

The high-severity flaw can be exploited to enable remote execution of code or denial of service, Cisco says. Cisco reported Wednesday that a zero-day vulnerability impacting its IOS and IOS XE ...
来自MSN

Vulnerability exploitation: The dangers of the open LLM model boom

For a software vendor, telling the world about the latest security vulnerability is always a delicate balancing act. Customers need information quickly, starting with the flaw’s severity rating and ...