https://vicone.com/company/press-releases/pwn2own-automotive-2024-vicone-and-zdi-lead-first-hackathon-to-uncover-cyber-vulnerabilities-in-connected-vehicles
VicOne and Pwn2Own sponsors including Tesla discovered 49 unique bugs in EV chargers, in-vehicle infotainment (IVI) systems, and modems, etc.; Security...
automotiveviconeleadfirsthackathon
https://securelist.com/toolshell-explained/117045/
Jul 28, 2025 - Explaining the ToolShell vulnerabilities in SharePoint: how the POST request exploit works, why initial patches can be easily bypassed, and how to stay...
analysisvulnerabilitiesexploitcodesecurelist
https://www.pig333.com/latest_swine_news/vulnerabilities-in-u-s-feed-supply-chain-revealed-in-ifeeder-report_21943/
The U.S. depends heavily on imported vitamins and amino acids, the majority of which come from China. This poses risks to supply chain stability.
supply chainvulnerabilitiesfeedrevealed
https://www.pcworld.com/article/3032722/chrome-144-fixes-3-high-risk-security-vulnerabilities-update-now.html
Jan 14, 2026 - Google has released the next major version of its browser, Chrome 144. It closes several high-risk security vulnerabilities.
high risksecurity vulnerabilitieschromefixesupdate
https://www.schneier.com/blog/archives/2026/01/ais-are-getting-better-at-finding-and-exploiting-internet-vulnerabilities.html
Really interesting blog post from Anthropic: In a recent evaluation of AI models’ cyber capabilities, current Claude models can now succeed at multistage...
getting betteraisfindingexploitinginternet
https://securityboulevard.com/2023/02/oligo-security-mitigates-open-source-vulnerabilities-at-runtime/
Feb 15, 2023 - Oligo Security's runtime application security and observability platform detects and prioritize open source code vulnerabilities.
open sourcesecurityvulnerabilitiesruntimeboulevard
https://polarisproject.org/vulnerabilities-and-recruitment/
Jan 16, 2024 - The back story: who is most vulnerable “It can happen to anyone,” and “it’s happening in your backyard,” are two common in the anti-human trafficking...
vulnerabilitiesamprecruitmentpolaris
https://www.nuffieldfoundation.org/project/family-and-community-vulnerabilities-in-transition-to-net-zero
This research project will build a framework for understanding how the UK's transition to net zero will affect families and communities.
net zerounderstandingfamilycommunityvulnerabilities
https://arstechnica.com/security/2025/10/bind-warns-of-bugs-that-could-bring-dns-cache-attack-back-from-the-dead/
Oct 22, 2025 - At least one CVE could weaken defenses put in place following 2008 disclosure.
cache poisoningvulnerabilitiesfounddnsresolving
https://www.ti.com/support-quality/quality-policies-procedures/report-product-security-vulnerabilities.html
Learn more about how TI’s Product Security Incident Response Team (PSIRT) accepts and responds to reports of potential security vulnerabilities involving TI...
product securityreportpotentialvulnerabilitiescom
https://discover.nowsecure.com/c/top-mobile-app-vulns-infographic?x=DvmX-6
Our latest infographic highlights five common mobile app security and privacy risks uncovered by NowSecure Mobile App Risk Intelligence (MARI). Such insight...
mobile apptopvulnerabilitiesprotectbusiness
https://ualbertapress.ca/9781772127386/contemporary-vulnerabilities/
Aug 8, 2023 - Contemporary Vulnerabilities offers critical reflections about vulnerable moments in research committed to social change. This interdisciplinary collection g...
contemporaryvulnerabilitiesuniversityalbertapress
https://www.searchenginejournal.com/multiple-wordpress-vulnerabilities-affects-20000-travel-sites/558052/
WordPress vulnerability rated 9.8 enables unauthenticated attackers to launch attacks and obtain sensitive data.
multiplewordpressvulnerabilitiesaffecttravel
https://www.wired.com/story/apple-iphone-17-memory-integrity-enforcement/
Sep 11, 2025 - Alongside new iPhones, Apple released a new security architecture on Tuesday: Memory Integrity Enforcement aims to eliminate the most frequently exploited...
big beteliminatetargetedvulnerabilities
https://insidegnss.com/rin-gnss-vulnerabilities-and-solutions-2011/
Jan 9, 2018 - Baška, Krk Island, Croatia The fourth GNSS Vulnerabilities and Solutions conference, sponsored by the Royal Institute of Navigation, will accept paper abstrac
ringnssvulnerabilitiessolutionsinside
https://www.electronicdesign.com/technologies/embedded/article/55091113/beyond-the-download-resetting-the-vulnerabilities-of-ota-updates
This article discusses the risks involved with OTA updates and the best practices, including the six crucial steps to guarantee OTA updates' dependability and...
ota updatesbeyonddownloadvulnerabilitieselectronic
https://thecyberthrone.in/2024/04/19/gpt-4-can-exploit-vulnerabilities-with-ease/
A recent research study reveals that the current AI technology (GPT-4)can allow threat actors to automate exploits for public vulnerabilities within minutes....
gptexploitvulnerabilitiesease
https://blackduck.skilljar.com/webinar-code-dx-reviewing-and-prioritizing-vulnerabilities-from-synopsys-solutions
Past Event Recording/Slides
webinarcodedxreviewingprioritizing
https://www.cybersecuritydive.com/news/cisa-second-beyondtrust-cve-exploited/737288/
Federal authorities are still working with the company to investigate a hack of Treasury Department workstations, but have not yet explained the CVEs’...
cisaaddssecondbeyondtrustcve
https://securereading.com/vulnerabilities-in-sophos-firewall-could-lead-to-remote-attacks/
Jan 6, 2025 - Sophos users must keep their firewall devices updated with the latest patches as the vendor addresses multiple security vulnerabilities.
vulnerabilitiessophosfirewallcouldlead
https://migramundo.com/covid-19-in-a-continuum-of-vulnerabilities-experiences-of-the-public-health-crisis-among-syrian-refugees-in-france-early-findings-from-the-mocomi-study/
Jul 1, 2022 - Anaik Pian, Victoria Brotto, Salomé Labé * Like other parts of the world, Europe has been hit hard by the COVID-19 pandemic. In France, as has been observed...
covidcontinuumvulnerabilitiesexperiences
https://www.brighttalk.com/webcast/11673/634302
Please join the Qualys research and product teams for the “This Month in Vulnerabilities and Patches” webinar on June 12, 2025. We will discuss this mo...
patch tuesdaywebinarjunemonthvulnerabilities
https://vicone.com/blog/from-pwn2own-automotive-2-rce-vulnerabilities-in-the-phoenix-contact-charx-sec-3100-ev-charging-controller
We discuss the two vulnerabilities discovered in the Phoenix Contact CHARX SEC-3100 EV charging controller at Pwn2Own Automotive 2024, highlighting their...
automotivercevulnerabilitiesphoenix
https://wpengine-product.canny.io/hosting-platform-api/p/add-vulnerabilities-details-to-api
Hello, can you add into the API, all vulnerabities details we can found inside the portal ? This feature is usefull to feed our cybersecurity platform, because
wp engineaddvulnerabilitiesdetailsapi
https://nbaa.org/aircraft-operations/communications-navigation-surveillance-cns/connectivity/virtual-maintenance-conference-mitigating-business-aircraft-cybersecurity-vulnerabilities/
Apr 25, 2023 - Though business aircraft typically feature the most hardened cybersecurity systems, a breach could create a very real concern. Secure connectivity is the...
virtualmaintenanceconferencemitigatingbusiness
https://www.sonarsource.com/blog/sonar-power-of-deeper-sast/
This post delves into an actual Jenkins vulnerability to understand the intricacies of deeper SAST for detecting deeply hidden code vulnerabilities. It...
security vulnerabilitiesfinddeeplyhiddendeeper
https://www.infosecurity-magazine.com/news/new-linux-vulnerabilities-surge/
Feb 16, 2026 - Researchers discovered over 3000 Linux vulnerabilities in 2024, the largest of any category
newlinuxvulnerabilitiessurgeyear
https://www.biggerlawfirm.com/wordpress-security-breach-used-vulnerabilities-in-plugins-in-themes/
Apr 10, 2023 - Over one million WordPress websites have been infected by a malware campaign called Balada Injector since 2017, according to cybersecurity firm GoDaddy's
wordpress securitybreachusedvulnerabilitiesplugins
https://getshieldsecurity.com/blog/shieldnotes-082/
Nov 12, 2025 - Post SMTP, AI Engine, and Gravity Forms are affected by critical vulnerabilities, while The Events Calendar continues to face a recurring flaw. It’s time to...
wordpress pluginshighriskvulnerabilitiesmajor
https://blog.huntr.com/gguf-file-format-vulnerabilities-a-guide-for-hackers
Nov 19, 2025 - Explore the critical vulnerabilities in GGUF file format and learn how to identify and exploit them in machine learning models.
file formatggufvulnerabilitiesguidehackers
https://www.amossys.fr/insights/blog-technique/responsible-disclosure-of-vulnerabilities-found-on-apereo-cas/
Jun 18, 2025 - Recently, our Security Evaluation and Analysis Laboratory had the opportunity to perform an internal security audit of Apereo CAS, focusing on four...
responsible disclosurevulnerabilitiesfoundcas
https://github.blog/engineering/platform-security/fixing-security-vulnerabilities-with-ai/
Apr 7, 2025 - A peek under the hood of GitHub Advanced Security code scanning autofix.
security vulnerabilitiesgithub blogfixingai
https://www.tigera.io/blog/how-network-security-policies-can-protect-your-environment-from-future-vulnerabilities-like-log4j/
Sep 18, 2025 - Learn how the use of network policies could have prevented the Log4j vulnerability, and how to secure your environment against similar future attacks
network securitypoliciesprotectenvironmentfuture
https://patchstack.com/rapidmitigate/
Oct 2, 2025 - Patchstack finds and mitigates vulnerabilities before hackers can exploit them, keeping websites safe until vulnerabilities can be officially resolved.
vulnerabilitiesexploitedpatchstack
https://www.cybersecuritydive.com/news/fortinet-threat-activity-older-vulnerabilities/745155/
Researchers discovered a technique that allows threat actors to maintain read-only access to vulnerable FortiGate devices after they are patched.
cybersecurity divefortinetwarnsthreatactivity
https://www.phishprotection.com/cybersecurity/understanding-zero-day-vulnerabilities-a-curated-list-for-cybersecurity
Nov 27, 2025 - A zero-day vulnerability refers to a previously unknown security flaw in software or hardware that has not yet been addressed by the vendor through a security
zero dayunderstandingvulnerabilitiescuratedlist
https://www.fortinet.com/support/support-services/fortiguard-security-subscriptions/security-rating
Assesses and rates your Security Fabric infrastructure and controls against best practices and major security and compliance frameworks. Includes coverage for...
attack surfaceidentifycriticalvulnerabilitiesconfiguration
https://www.eccnet.eu/reporting-vulnerabilities
We want our website to be a safe and welcoming place for everyone. That's why we do everything we can to keep our website and systems secure. However, it...
reportingvulnerabilitieseuropeanconsumercenters
https://www.worldbank.org/en/research/publication/fragile-and-conflict-affected-situations-vulnerabilities
World Bank assessment finds conflict and instability are taking a devastating toll on the 39 economies afflicted by them, driving up extreme poverty faster...
fragileconflictaffectedsituationsintertwined
https://metro.co.uk/2025/12/30/apple-warns-iphone-users-critical-zero-day-security-vulnerabilities-25926933/
Dec 30, 2025 - All Apple iPhone users have issued a warning to make sure to update iOS update, 26.2, to fix a secruity bug/.
zero dayapplewarnsiphoneusers
https://zencoder.ai/blog/enterprise-security-how-ai-protects-your-codebase
Learn how AI transforms enterprise security by detecting vulnerabilities, enhancing code protection, and integrating with modern development workflows.
aisecurescodebasevulnerabilities
https://www.brighttalk.com/webcast/11673/608851
Please join the Qualys research and product teams for the “This Month in Vulnerabilities and Patches” webinar on July 11, 2024. We will discuss this mo...
monthvulnerabilitiespatchesjuly
https://www.yourtango.com/self/tough-guy-cliches-mask-mens-vulnerabilities
Tom Matlack gives insight into 6 signs a man is overcompensating to prove his "toughness" that is hiding something more underneath.
tough guymaskvulnerabilitiesyourtango
https://chacruna.net/our-vulnerabilities-to-unethical-sexual-behavior/
I first wrote The Ethics of Caring (1995, 2017) while working as a senior trainer for the Grof Transpersonal Training and simultaneously taking a traditional...
sexual behaviorvulnerabilitiesunethical
https://tech.co/news/researchers-microsoft-teams-vulnerabilities
Nov 5, 2025 - Think you know when an MS Teams message was edited or who's calling for a video chat? Think again. These recently-fixed flaws could have tripped you up.
microsoft teamsresearchersrevealedbigvulnerabilities
https://www.brighttalk.com/webcast/11673/590327
Please join the Qualys research and product teams for the webinar “This Month in Vulnerabilities and Patches” on August 10, 2023. We will discuss this ...
monthvulnerabilitiespatchesaugust
https://www.energytechreview.com/views/the-growing-digital-vulnerabilities-of-the-power-generation-sector-nwid-592.html
Digitalization and the internet of things have increased productivity and improved energy companies\' safety and environmental performance, particularly in...
power generationgrowingdigitalvulnerabilitiessector
https://www.brighttalk.com/webcast/11673/608842
Please join the Qualys research and product teams for the “This Month in Vulnerabilities and Patches” webinar on May 16, 2024. We will discuss this mon...
monthvulnerabilitiespatchesmay
https://www.onvio.nl/nieuws/research-day-discovering-vulnerabilities-in-wordpress-plugins
Oct 5, 2023 - Introduction For the past few Fridays I have been working on my second research project at Onvio. This time the challenge consisted of finding 3 new...
research daywordpress pluginsdiscoveringvulnerabilitiesonvio
https://novee.security/blog/hacker-trained-ai-discovers-16-new-0-day-vulnerabilities-in-pdf-engines/
Feb 18, 2026 - Our researchers found 3 critical vulnerabilities in PDF ecosystems. Then we let our trained AI loose, and found 13 more.
hackertraineddiscoversnewday
https://psirt.bosch.com/report-a-vulnerability/
Check the Bosch PSIRT website for information on how to report cybersecurity vulnerabilities in a Bosch product or website or data protection issues.
reportcybersecurityvulnerabilitiesboschproduct
https://testguild.com/podcast/automation/a567-sarit/
Nov 17, 2025 - About This Episode: AI is accelerating software delivery, but it’s also introducing new security risks that most developers and automation engineers never
vibe codingtestingaistopvulnerabilities
https://contracorriente.red/en/2024/10/28/socio-environmental-vulnerabilities-for-a-cup-of-coffee/
Oct 28, 2024 - Coffee is one of the most widely traded and consumed commodities in the world, which is why I want to talk about the negative socio-environmental impacts of...
socioenvironmentalvulnerabilitiescupcoffee
https://www.bankofcanada.ca/rates/indicators/indicators-of-financial-vulnerabilities/
Get quarterly data for the indicators we use to track the evolution of two vulnerabilities in the Canadian economy: the elevated level of household...
indicatorsfinancialvulnerabilitiesbankcanada
https://www.cobalt.io/customers/mulesoft
How MuleSoft protects terabytes of information flowing through their API management platform using Cobalt's Pentest as a Service (PtaaS) platform.
mulesoftfixesvulnerabilitiesfasterptaas
https://droomdroom.com/what-is-web3-infrastructure/
Apr 15, 2025 - Web3 infrastructure is a technology stack of interconnected protocols, tools, and solutions that developers need to build dApps.
infrastructureresolving
https://cycode.com/blog/github-actions-vulnerabilities/
Apr 3, 2024 - Cycode discovered critical vulnerabilities in several popular open-source projects, each of which can cause a supply-chain attack through the CI process.
github actionsfoundvulnerabilitiescicd
https://www.cybersecuritydive.com/news/tenable-ceo-microsoft-vulnerabilities/625371/
Amit Yoran claims Microsoft failed to acknowledge a critical vulnerability in Azure until Tenable said it would go public.
tenableceocallsmicrosoftlack
https://media.hardwear.io/hardpwn-usa-2023/
Jul 24, 2023 - Our latest HardPwn competition apparently surfaced a record number of vulnerabilities in Google devices for a hardware hacking event. Google, which...
usagooglerecordhauldevice
https://www.techtarget.com/searchapparchitecture/tip/Critical-API-vulnerabilities-every-IT-team-should-address
Sep 15, 2023 - Discover why it is crucial for software teams to understand API vulnerabilities and the steps to be taken to thwart attackers.
criticalapivulnerabilitieseveryteam
https://www.brighttalk.com/webcast/11673/634308
Please join the Qualys research and product teams for the “This Month in Vulnerabilities and Patches” webinar on November 13, 2025. We will discuss thi...
patch tuesdaywebinarnovembermonthvulnerabilities
https://kinde.com/blog/security/fixing-vulnerabilities-and-getting-the-occasional-white-hat-helper/
Application vulnerabilities sneaking through your release pipeline, exploits against a third-party library, and so on? Learn how to deal with scary situations.
white hatkindefixingvulnerabilitiesgetting
https://www.brighttalk.com/webcast/11673/634306
Please join the Qualys research and product teams for the “This Month in Vulnerabilities and Patches” webinar on September 11, 2025. We will discuss th...
patch tuesdaywebinarseptembermonthvulnerabilities
https://thenewstack.io/owasp-top-10-a-guide-to-the-worst-software-vulnerabilities/
Nov 5, 2021 - For the first time in four years, the OWASP Top 10 list of web application risks was updated for OWASP's 20th anniversary.
owasptopguideworstsoftware
https://www.aikido.dev/blog/claude-opus-4-6-500-vulnerabilities-software-security
Anthropic claims Claude Opus 4.6 uncovered 500+ high-severity vulnerabilities in open source. Here’s what that means for vulnerability discovery,...
claude opusfoundvulnerabilitiesmeans
https://www.qualys.com/cyber-risk-tech-debt
This free report forecasts your upcoming tech debt by category, risk assessment, and recommended steps for proactive remediation to de-risk your organization.
attackerstargetingeosvulnerabilitiesqualys
https://www.techtarget.com/searchsecurity/resources/Threats-and-vulnerabilities
Find out how to detect and defend against security threats and vulnerabilities, such as malware, ransomware, phishing, denial-of-service attacks and more.
threatsvulnerabilitiesresourcesinformationtechtarget
https://www.techzine.eu/blogs/security/79690/armis-security-provides-insight-into-it-ot-and-iot-vulnerabilities/
May 25, 2022 - New security vendor in our region promises insight into the vulnerability of all conceivable assets within the organization and does this in a
armissecurityprovidesinsightot
https://feedly.com/cve
Welcome to Feedly CVEs — Research critical vulnerabilities (CVEs) with all the real-time and historical information you need to assess the risk to your...
currentcommonvulnerabilitiesexposures
https://www.brighttalk.com/webcast/11673/615589
With the news of yet another Chrome vulnerability—the third within one week—and potentially more to come, IT and security teams face the prospect of a v...
google chromethree strikesfixvulnerabilities
https://www.csoonline.com/article/4013597/cisco-warns-of-critical-api-vulnerabilities-in-ise-and-ise-pic.html
Jun 27, 2025 - Patch these holes before threat actors exploit them to get root access.
ciscowarnscriticalapivulnerabilities
https://www.macrumors.com/2025/12/12/ios-26-2-security-vulnerabilities/
Apple today released iOS 26.2, iPadOS 26.2, and macOS 26.2, all of which introduce new features, bug fixes, and security improvements. Apple says that the...
security vulnerabilitiesupdateiosfixesmacrumors
https://vpncreative.net/new-vpn-security-vulnerabilities-discovered/
Apr 23, 2025 - A Critical Vulnerability in Speedify VPN for macOS Users Exposes Root-Level Risks
vpn securitynewvulnerabilitiesdiscovered
https://pentera.io/vulnerability-prioritization/
Oct 28, 2025 - Optimize your security strategy by focusing on high-risk vulnerabilities with Pentera. Prioritize effectively and remediate with precision.
prioritizecriticalvulnerabilitiespentera
https://www.csoonline.com/article/4111566/patch-tuesday-2025-roundup-the-biggest-microsoft-vulnerabilities-of-the-year.html
Dec 30, 2025 - Nine high impact CVEs were flagged by security pros as the most worrying.
patch tuesdayroundupbiggestmicrosoftvulnerabilities
https://www.csoonline.com/article/4105950/microsoft-flips-security-script-in-scope-by-default-makes-all-vulnerabilities-fair-game-for-bug-bounties.html
Dec 12, 2025 - The company’s new approach is that anything touching Microsoft services is eligible for a bug bounty, regardless of its source.
microsoftflipssecurityscriptscope
https://www.aikido.dev/blog/python-security-vulnerabilities
A practical overview of the most common Python security vulnerabilities, insecure patterns, and dependency-related risks.
python securityvulnerabilitiestopissues
https://www.brighttalk.com/webcast/11673/608852
Please join the Qualys research and product teams for the “This Month in Vulnerabilities and Patches” webinar on August 15, 2024. We will discuss this ...
monthvulnerabilitiespatchesaugust
https://davidivashenko.com/ios-vpn-vulnerabilities-and-data-leaks-an-ongoing-issue/
Nov 7, 2024 - Despite advancements in iOS versions, VPN vulnerabilities persist, affecting user privacy and security. Even in the latest version, iOS 18.1.
ios vpndata leaksvulnerabilitiesongoingissue
https://www.f5.com/company/blog/dealing-with-application-vulnerabilities-best-practices-for-security-testing
Both the scale and complexity of application vulnerabilities are rapidly escalating. Discover why a proactive, multi-layered approach to security testing is...
best practicessecurity testingdealingapplicationvulnerabilities