Coverage
Vulnerabilities
748 articles on vulnerability disclosures and exploits
Advertisement
ICS Patch Tuesday: 8 Industrial Giants Patch Critical Vulnerabilities
Analysis of new security advisories from Siemens, Schneider Electric, and others regarding critical infrastructure vulnerabilities and remediation steps.
OpenAI GPT-5.4-Cyber: Defensive AI for Security Teams
OpenAI unveils GPT-5.4-Cyber, a model optimized for defensive security. Learn how it assists SOC teams in threat detection and vulnerability remediation.
Combatting EDR-Killer Tools and BYOVD Attack Techniques
Defenders face new challenges as the EDR-killer ecosystem expands, utilizing Bring Your Own Vulnerable Driver (BYOVD) to disable security agents.
Microsoft Patch Update: Zero-Day Privilege Elevation Dominates
Microsoft's latest patch update addresses 165 vulnerabilities, with over half being privilege elevation flaws, including two actively exploited zero-days.
April 2026 Patch Tuesday: SharePoint Zero-Day, BlueHammer, & Adobe RCE
Microsoft's April 2026 Patch Tuesday addresses 167 vulnerabilities, including a SharePoint Server zero-day, Windows Defender 'BlueHammer' flaw, and an actively exploited
Microsoft Patch Tuesday April 2026: Record Update Cycle Analysis
Analysis of Microsoft's April 2026 Patch Tuesday, highlighted as a record release, providing context and recommendations for security professionals.
CISA KEV Catalog Update: Microsoft Office RCE and SharePoint Exploited
CISA adds CVE-2009-0238 (Microsoft Office RCE) and CVE-2026-32201 (SharePoint Server input validation) to its Known Exploited Vulnerabilities Catalog. All organizations
Adobe Patches Critical ColdFusion and InDesign RCE Vulnerabilities
Adobe's September 2024 update addresses 55 vulnerabilities, including critical RCE in ColdFusion and InDesign. Patching is required to prevent system takeover.
CVE-2024-30044: SharePoint Server RCE Zero-Day Patched — Patch Now
Microsoft's May 2024 Patch Tuesday addresses 61 vulnerabilities including a critical SharePoint RCE zero-day and a Windows DWM elevation of privilege flaw.
Windows 10 KB5082200 ESU: Patching April 2026 Zero-Day Flaws
Microsoft addresses two critical zero-days in the Windows 10 KB5082200 Extended Security Update. Learn how to secure EOL systems against active exploitation.
PHP Composer RCE via CVE-2026-40176 — Mitigation Guide
High-severity command injection flaws in PHP Composer's Perforce driver enable arbitrary command execution. Update to versions 2.2.27 or 2.7.2 immediately.
CSA Urges 'Mythos-Ready' Security to Combat AI-Accelerated Threats
The Cloud Security Alliance warns CISOs of shrinking exploit windows as AI models like Mythos automate vulnerability discovery and threat execution.