A major vulnerability is the "patch gap"—the often-months-long delay between when software vendors release security fixes and ...

Remediation of common vulnerabilities and exposures (CVEs) has become table stakes for companies to do business, because ...

As many as 97 out of the 138 vulnerabilities disclosed as actively exploited in the wild in 2023 were zero-days, according to a report from Mandiant. The rest of the software flaws under review were ...

Attackers are actively exploiting a critical vulnerability in mail servers sold by Zimbra in an attempt to remotely execute malicious commands that install a backdoor, researchers warn. The ...

Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of ...

A widely popular npm package carried a critical severity vulnerability that allowed threat actors to, in certain scenarios, ...

There’s an old Harry James song I’ve heard before — it’s called “I’ve Heard That Song Before” — and lately it comes to mind whenever I hear that I need to update my Chrome browser right away. Like ...

While there’s no single solution for outpacing today’s cybercriminals, there are several steps you should take now to ensure your team is prepared to guard against attackers’ evolving methods.

"System security is not a matter to be taken lightly," I tell myself as I put off updating my BIOS for another month. Even though I tend to keep physical media backups and I'm not in the habit of ...

ESET researchers discovered a previously unknown vulnerability in Mozilla products, exploited in the wild by Russia-aligned group RomCom. This is at least the second time that RomCom has been caught ...

A vulnerability found in Apache Tomcat, tracked as CVE-2025-24813, is being actively exploited in the wild. The remote code execution (RCE) bug allows attackers to take over servers using a PUT API ...