The Homeland Security and Governmental Affairs Committee on Wednesday also advanced legislation to strengthen the federal IT supply chain.

The November security bulletin includes two CVE's reportedly exploited in the wild.

The vulns would allow attackers to run any commands on targeted computers without user knowledge. But it would take a lot of work to get to that…

If exploited, the vulnerabilities could give hackers full administrative access to critical networks found in the management systems for large fuel storage.

The tech giant's regular vulnerability list includes new vulnerabilities for Windows Updater and Installer.

The legislation from Sens. Warner and Lankford would require federal contractors to adhere to NIST’s guidelines on VDPs.

A report from Binarly finds that a silently patched bug in a popular web server will likely live on in several major end-of-life products.

The National Vulnerability Database has ceased some of its work, but some experts fear the formation of a consortium to address its problems lacks sufficient urgency.

Nearly all commercially available computers are vulnerable to a flaw in the process used to display a logo upon start-up.

Researchers say Digital Communications Technologies has not addressed a bug impacting its Syrus4 IoT gateway, leaving open the possibility for vehicle fleets to be shut down.