CISA added four actively exploited vulnerabilities to its KEV catalog, urging U.S. federal agencies to apply fixes by ...

CISA has flagged a critical VMware vCenter Server vulnerability as actively exploited and ordered U.S. federal agencies to secure their servers within three weeks.

Microsoft has released emergency security updates to patch a high-severity Office zero-day vulnerability exploited in attacks ...

Software vulnerability management has emerged as a cornerstone of modern cybersecurity, combining technical strategies for identifying and patching vulnerabilities with sophisticated economic models ...

BURLINGTON, Mass., Nov. 12, 2024 /PRNewswire/ -- Black Duck® Software, Inc. ("Black Duck") today announced the publication of the "2024 Software Vulnerability Snapshot" report highlighting various ...

With vulnerability exploitation nearly doubling and critical weaknesses continuing to rise, it's clear that threat actors are accelerating their efforts while software ecosystems grow more complex.

German software company SAP has finally disclosed and fixed a highly critical vulnerability in the NetWeaver Visual Composer development server after evidence of exploitation in the wild. NetWeaver ...

The vulnerabilities disclosed in this release span multiple components of OpenSSL and affect a wide range of supported ...

Automated reconnaissance coupled with mass exploitation of vulnerabilities have helped ransomware-as-a-service (RaaS) groups to thrive in the past few quarters, ReliaQuest has warned. The threat ...

A critical CrushFTP vulnerability now under exploitation in the wild has become mired in controversy and confusion. On March 31, the Shadowserver Foundation reported that exploitation activity was ...

For a software vendor, telling the world about the latest security vulnerability is always a delicate balancing act. Customers need information quickly, starting with the flaw’s severity rating and ...