GreyNoise researchers spotted a consistent trend in forthcoming vulnerabilities affecting security tools, providing defenders an early-warning system for likely imminent attacks.

The National Vulnerability Database will now only analyze vulnerabilities in critical software, systems used in the federal government and those under active exploitation.

The vendor disclosed one actively exploited zero-day vulnerability in Microsoft Office SharePoint that allows attackers to view information and make changes to disclosed information.

The maximum-severity vulnerability, which hasn’t been exploited in the wild yet, affects software customers use to manage networking devices.

Cisco’s response to the latest SD-WAN and firewall defects has been fast, but the harder question is how long sophisticated actors had a head start — and…

The vendor said six of the 83 vulnerabilities it addressed this month are more likely to be exploited.

The vendor said it’s not aware of any active exploitation of the vulnerabilities, which could allow remote attackers to achieve root access and execute code.

The company’s latest security update contains the highest number of Android vulnerabilities patched in a single month since April 2018.

Too many defenders and researchers are paying attention to defects and unsubstantiated exploit concepts that aren’t worth their time, VulnCheck’s Caitlin Condon said.

The vendor said the memory-corruption defect was exploited to target specific people, but it did not describe the objectives of the attack.