Researchers are especially concerned about a high-severity defect in SQL Server and a critical vulnerability in SPNEGO, a foundational protocol.

Application Attack Matrix is a community effort designed to help defenders and organizations better understand and define how attackers use and exploit weaknesses in applications.

French authorities said government agencies and businesses spanning telecom, media, finance and transportation were impacted by the widely exploited Ivanti vulnerabilities.

A researcher tells CyberScoop that up to 80% of enterprises could be vulnerable to the zero-day Microsoft patched in its June update.

The most serious flaw in the monthly security update affects the Android system and could be exploited to achieve local escalation of privilege, the company said.

The besieged security vendor maintains the latest exploited vulnerabilities in its products are entirely linked to unspecified security issues in open-source libraries. Some researchers aren’t buying it.

The company has addressed zero-day vulnerabilities for eight consecutive months without deeming any of them critical at the time of disclosure.

The network security device vendor is making a regular appearance on CISA’s known exploited vulnerabilities catalog. Unlike its competitors, SonicWall hasn’t signed the secure-by-design pledge.

The monthly Android security update covers 47 vulnerabilities, including a high-severity defect in the widely used FreeType software library.

Researchers attribute the attacks to an initial access broker who is exploiting the 10.0 critical vulnerability.