vulnerability disclosure Archives

A logo sign outside of the headquarters of Ivanti in South Jordan, Utah. (Kristoffer Tripplaar / Alamy Stock Photo)

Is Ivanti the problem or a symptom of a systemic issue with network devices?

Exploited vulnerabilities have turned up in Ivanti products 16 times since 2024. That’s more than any other vendor in the network edge device space.

4 days ago By Matt Kapko

Voluntary ‘Pall Mall Process’ seeks to curb spyware abuses

The 21 signatories support a number of steps, such as banning vendors who behave illegally, in a document agreed to last week in Paris.

Apr 7, 2025 By Tim Starks

Researchers raise alarm about critical Next.js vulnerability

The software defect in the widely used open-source JavaScript framework allows attackers to bypass middleware-based authorization.

Mar 24, 2025 By Matt Kapko

Rep. Nancy Mace, R-S.C., speaks during a hearing with the House Oversight and Accountability committee in the Rayburn House Office Building on April 11, 2024 in Washington, D.C. (Photo by Anna Moneymaker/Getty Images)

House passes bill requiring federal contractors to have vulnerability disclosure policies

The legislation to make contractors implement VDPs aligned with NIST guidelines is aimed at protecting Americans’ data, co-sponsor Rep. Nancy Mace says.

Mar 4, 2025 By Matt Bracken

Rep. Nancy Mace, R-S.C., listens as FEMA Administrator Deanne Criswell testifies during a House Oversight Committee Hearing at the Rayburn House Office Building on Nov. 19, 2024 in Washington, D.C. (Photo by Kevin Dietsch/Getty Images)

Bill requiring federal contractors to have vulnerability disclosure policies gets House redo

Reps. Nancy Mace and Shontel Brown reintroduced VDP legislation after the 2024 bipartisan, bicameral bill didn’t get a full Senate vote.

Jan 31, 2025 By Matt Bracken

Sen. Mark Warner, D-Va., speaks during a press conference in Washington, D.C., on March 20, 2018. From left, Sens. John Cornyn, James Lankford, Susan Collins and Richard Burr listen. (NICHOLAS KAMM/AFP via Getty Images)

Vulnerability disclosure policy bill for federal contractors clears Senate panel

The Homeland Security and Governmental Affairs Committee on Wednesday also advanced legislation to strengthen the federal IT supply chain.

Nov 20, 2024 By Matt Bracken

Screen of smartphone with icons. (Getty Images)

Android warns of Qualcomm exploit in latest security bulletin

The November security bulletin includes two CVE's reportedly exploited in the wild.

Nov 4, 2024 By Christian Vasquez

Close-up server detail with KVM switches. (Getty Images)

Printer bug sends researchers into uproar, affects major Linux distros

The vulns would allow attackers to run any commands on targeted computers without user knowledge. But it would take a lot of work to get to that…

Sep 26, 2024 By Christian Vasquez

Oil pipeline with valves in large oil refinery. (Getty Images)

Automatic tank gauge vendors alerted of software vulnerabilities in their products

If exploited, the vulnerabilities could give hackers full administrative access to critical networks found in the management systems for large fuel storage.

Sep 24, 2024 By Christian Vasquez

Microsoft Romania headquarters in City Gate Towers situated in Free Press Square, in Bucharest, Romania. (Getty Images)

Here’s what Microsoft fixed in September’s Patch Tuesday

The tech giant's regular vulnerability list includes new vulnerabilities for Windows Updater and Installer.

Sep 10, 2024 By Christian Vasquez