Vulnerability


  • cybersecurity graphic
    Image attribution tooltip
    Permission granted by Tines
    Image attribution tooltip
    Sponsored by Tines

    Beyond the hype: How security leaders can build AI agents that matter

    AI agents can reclaim hours of lost analyst time if deployed with purpose, strategy and secure design.

    By Eoin Hinchy, CEO & Co-Founder, Tines • June 30, 2025
  • Sponsored by Imprivata

    Why IT teams under pressure are looking to access logs for answers

    Under pressure, IT teams are tapping access logs for real-time insight—not just compliance.

    By Joel Burleson-Davis, Chief Technology Officer, Imprivata • June 30, 2025
  • A technician programs an automation system
    Image attribution tooltip
    RainStar via Getty Images
    Image attribution tooltip

    Most building management systems exposed to cyber vulnerabilities, experts warn

    A study of over 467,000 building management systems across 500 organizations found that 2% of all devices essential to business operations had the highest level of risk exposure. 

    By Joe Burns • June 27, 2025
  • A towering Citrix-branded expo sign; the tagline: "Better experience"
    Image attribution tooltip

    Citrix via Flickr

    Image attribution tooltip

    Hackers exploiting critical Citrix Netscaler flaw, researchers say

    After confirming exploitation of a separate zero-day flaw, Cloud Software Group promises to be transparent.

    By June 27, 2025
  • A screen showing a technical error message in an airport hallway
    Image attribution tooltip
    Jack Taylor via Getty Images
    Image attribution tooltip

    Microsoft to make Windows more resilient following 2024 IT outage

    The company has been working with security partners to make sure future software updates don’t lead to operational disruptions for customers.

    By Updated June 26, 2025
  • Exterior of Citrix office complex.
    Image attribution tooltip
    Justin Sullivan/Getty Images via Getty Images
    Image attribution tooltip

    Critical vulnerability in Citrix Netscaler raises specter of exploitation wave

    Threat researchers warn the flaw could open up a flood of attacks that rival the 2023 CitrixBleed crisis. 

    By Updated June 25, 2025
  • Ransomware Malware Attack. Business Computer Hacked. Security Breach.
    Image attribution tooltip
    AndreyPopov via Getty Images
    Image attribution tooltip

    Researchers urge vigilance as Veeam releases patch to address critical flaw

    The patch for a previously disclosed vulnerability in the company’s backup software did not offer adequate protection, according to researchers.

    By June 18, 2025
  • An attendee passes an AWS logo on a escalator at the AWS re:Invent 2024 conference hosted at in Las Vegas on December 3, 2024.
    Image attribution tooltip
    Noah Berger / Stringer via Getty Images
    Image attribution tooltip

    Cloud storage buckets leaking secret data despite security improvements

    New data from Tenable highlighted significant improvements in the number of businesses with publicly exposed and critically vulnerable buckets storing sensitive data.

    By June 18, 2025
  • Double exposure shot of backside of a computer and red binary codes.
    Image attribution tooltip
    Suebsiri via Getty Images
    Image attribution tooltip

    Critical Zyxel vulnerability under active exploitation after long period of quiet

    Researchers say a sudden burst of activity could be linked to a Mirai botnet variant.

    By June 17, 2025
  • Remote software
    Image attribution tooltip
    Courtesy of Remote
    Image attribution tooltip

    CISA warns of supply chain risks as ransomware attacks exploit SimpleHelp flaws

    The latest confirmed cyber intrusion hit a utility billing software provider and its customers.

    By June 13, 2025
  • software developers using computer to write code sitting at desk with multiple screens work remotely in home at night.
    Image attribution tooltip
    MTStock Studio via Getty Images
    Image attribution tooltip

    Software vulnerabilities pile up at government agencies, research finds

    A Veracode report reveals that government networks have accumulated years of unresolved security flaws, putting them at serious risk of exploitation.

    By June 12, 2025
  • Microsoft CEO Satya Nadella speaks during the OpenAI DevDay event on November 06, 2023 in San Francisco, California.
    Image attribution tooltip
    Justin Sullivan / Staff via Getty Images
    Image attribution tooltip

    Critical flaw in Microsoft Copilot could have allowed zero-click attack

    Researchers said the vulnerability, dubbed “EchoLeak,” could allow a hacker to access data without any specific user interaction.

    By Updated June 11, 2025
  • AI Artificial Intelligence technology for data analysis
    Image attribution tooltip
    Khanchit Khirisutchalual via Getty Images
    Image attribution tooltip

    From malware to deepfakes, generative AI is transforming attacks

    Generative AI is even helping hackers trick open-source developers into using malicious code, according to Gartner.

    By June 10, 2025
  • Header image for "Financial Industry is Third-Most Targeted By Hackers"
    Image attribution tooltip
    Andrew Brookes
    Image attribution tooltip

    SentinelOne rebuffs China-linked attack — and discovers global intrusions

    The security firm said the operatives who tried to breach it turned out to be responsible for cyberattacks on dozens of critical infrastructure organizations worldwide.

    By Updated June 9, 2025
  • representing a digital landscape
    Image attribution tooltip
    Permission granted by ThreatLocker
    Image attribution tooltip
    Sponsored by ThreatLocker

    Understanding the evolving malware and ransomware threat landscape

    Cyber threats like ransomware and malware are rising fast, hitting firms like Frederick Health and Marks & Spencer. Defense needs layers, adaptability and vigilance.

    By Farid Mustafayev, Senior Software Engineer, ThreatLocker • June 9, 2025
  • Man standing in a suit in front of a U.S. and EPA flags.
    Image attribution tooltip
    (2025). "EPA Administrator Lee Zeldin Launches the Greatest Day of Deregulation in American History" [Video]. Retrieved from U.S. Environmental Protection Agency.
    Image attribution tooltip

    Water utilities mitigate equipment flaws after researchers find widespread exposures

    Censys researchers said hundreds of water treatment facilities have taken steps to protect against malicious cyber intrusions.

    By June 5, 2025
  • An aerial view of the Shotwick Solar Energy Park on February 25, 2025 in Deeside, Wales.
    Image attribution tooltip
    Christopher Furlong via Getty Images
    Image attribution tooltip

    Vast array of solar power equipment left exposed online

    The most commonly exposed device has been discontinued and vulnerable for a decade, new research found.

    By June 4, 2025
  • ndustry Factory Female Industrial Engineer Works on the Personal Computer on the Turbine/ Engine Project in 3D Using CAD Program.
    Image attribution tooltip

    ShutterStock/#761906881

    Image attribution tooltip
    Sponsored by Rockwell Automation

    Build more robust OT security with the NIST framework

    Access your guide below and start your journey towards resilient, secure OT operations using the NIST framework.

    June 2, 2025
  • close up of a worker holding  up a tablet
    Image attribution tooltip
    Dragos Condrea via Getty Images
    Image attribution tooltip

    Outage disrupts some SentinelOne services

    Company executives said there was no indication the incident was the result of a security issue.

    By May 29, 2025
  • An illustration of a calendar, with a mouse cursor clicking on a day
    Image attribution tooltip
    iStock / Getty Images Plus via Getty Images
    Image attribution tooltip

    Google: China-backed hackers hiding malware in calendar events

    The APT41 nation-state threat group is exploiting yet another cloud service to mask its operations, according to new research.

    By May 29, 2025
  • Broadband connections
    Image attribution tooltip
    NicoElNino via Getty Images
    Image attribution tooltip

    Thousands of ASUS routers compromised in sophisticated hacking campaign

    Researchers have previously linked the suspected threat actor, dubbed ViciousTrap, to the exploitation of Cisco routers.

    By May 29, 2025
  • A cargo pallet filled with rockets and covered in safety straps sits on a tarmac at night.
    Image attribution tooltip
    Sean Gallup via Getty Images
    Image attribution tooltip

    Microsoft, Dutch government discover new Russian hacking group

    The findings highlight the vulnerability of all critical infrastructure firms to similar attack methods.

    By Updated May 28, 2025
  • More than two dozen world leaders, tech executives, and experts stand in several rows on blue carpeted steps in front of a backdrop that says "AI Safety Summit"
    Image attribution tooltip
    Leon Neal via Getty Images
    Image attribution tooltip

    US, allies recommend security protections for AI models

    The joint guidance comes as officials fear how hackers could manipulate AI systems, especially in critical infrastructure.

    By May 22, 2025
  • Cyberhackers-Ransomware
    Image attribution tooltip
    (Gorodenkoff) via Getty Images
    Image attribution tooltip

    Ivanti Endpoint Mobile Manager customers exploited via chained vulnerabilities

    The company said additional CVEs may be necessary for flaws in related open-source libraries, but researchers are raising questions.  

    By Updated May 20, 2025
  • A woman wearing a surgical mask stands in front of a booth for the Chinese networking company TP-Link at a German consumer electronics trade show.
    Image attribution tooltip
    Sean Gallup via Getty Images
    Image attribution tooltip

    GOP lawmakers urge ban of networking vendor TP-Link, citing ties to China

    The Trump administration is facing mounting pressure to formulate a strategy for addressing supply-chain threats that endanger national security.

    By May 15, 2025