[Cybersecurity] Feds to CIOs: Actively ask your vendors if they’ve done a SQLi audit... (Edward Targett, June 26, 2024)
[vulnerabilities] How the NVD backlog highlights the need for context in vulnerability management (Sylvain Cortes, June 18, 2024)
[vulnerabilities] Microsoft updates mitigation for critical “wormable” bug (The Stack, June 17, 2024)
[Fortinet] 20,000 Fortinet devices breached by Chinese hackers – reboots, firmware updates no defence (Edward Targett, June 11, 2024)
[SolarWinds] “Trivially exploitable” bug in SolarWinds file server needs prompt fixing (Edward Targett, June 11, 2024)
[vulnerabilities] Check Point vulnerability far worse than thought – exploited in wild since April (The Stack, May 30, 2024)
[Cybersecurity] Turf wars? NIST to fix NVD backlog by September – insists it’s right agency to run vulnerability database (Edward Targett, May 30, 2024)
[Cybersecurity] Root, but no response: 6 pre-auth RCEs in VMware ignored (Edward Targett, May 22, 2024)
[Ivanti] Gird your loins, there’s a new pre-auth RCE in Ivanti boxes landing (Edward Targett, May 2, 2024)
[NVD] As NVD flatlines, cybersecurity professionals call for urgent action (Edward Targett, April 18, 2024)
[VPN] Palo Alto Networks: CVSS 10 bug in Pan-OS is being exploited in the wild (The Stack, April 12, 2024)
[xz-utils] xz-utils Github repository disabled as Linux maintainers assess blast radius of backdoor, earlier commits (Edward Targett, March 30, 2024)
[Fortinet] Fortinet warns on critical SQL Injection bug after NCSC disclosure (The Stack, March 13, 2024)
[Cybersecurity] CI/CD platform TeamCity exposed to critical pre-auth RCE bug, amid disclosure spat (The Stack, March 4, 2024)