The National Vulnerability Database will now only analyze vulnerabilities in critical software, systems used in the federal government and those under active exploitation.

The vendor disclosed one actively exploited zero-day vulnerability in Microsoft Office SharePoint that allows attackers to view information and make changes to disclosed information.

Cisco’s response to the latest SD-WAN and firewall defects has been fast, but the harder question is how long sophisticated actors had a head start — and…

The vendor said six of the 83 vulnerabilities it addressed this month are more likely to be exploited.

The company’s latest security update contains the highest number of Android vulnerabilities patched in a single month since April 2018.

Too many defenders and researchers are paying attention to defects and unsubstantiated exploit concepts that aren’t worth their time, VulnCheck’s Caitlin Condon said.

The vendor said the memory-corruption defect was exploited to target specific people, but it did not describe the objectives of the attack.

The new system emerges after repeated funding crises exposed the fragility of the 25-year-old CVE program that cybersecurity defenders worldwide depend on.

Talha Tariq quickly found his company at the center of a fast-moving, high-stakes mitigation effort. The result: a bounty program, a cat-and-mouse patch fight, and a debate…

Roughly 100,000 servers running the automated workflow platform for AI and other enterprise tools are potentially exposed to exploitation.