Vulnerabilities | News, how-tos, features, reviews, and videos
Introduced in 2021, the US government’s vulnerability disclosure policy platform has racked up 12,000 bug reports and saved the government millions in remediation costs.
Cross-site scripting vulnerabilities (XSS) have vexed cybersecurity professionals for 30 years. Following a CISA and FBI alert, experts say unless these flaws are fixed soon, AI models may ingest and perpetuate them.
Better communication and collaboration between researchers and vendors and improved bug reporting mechanisms could help address confusing and sometimes wholly suppressed bug reports.
Software providers continue to rely on community support to help them identify code mistakes that can lead to malicious attacks.
Firmware flaws can be notoriously challenging to patch, assuming a patch is even available. Here are a dozen vulnerabilities that put a wide range of systems, from PCs to medical devices, under threat.
Meltdown and Spectre raised the alarm over vulnerabilities that attackers can exploit in popular hardware. This list, though not comprehensive, presents the most significant CPU and DRAM threats.
A crisis at the key US service for ranking vulnerabilities has been fueled by a shortage of resources and an explosion of security flaws as the volume of software production increases.
Some vulnerabilities eat up a security team’s time and resources yet provide little or nothing in the way of true protection. Some may even introduce more risk to a network.
The OWASP list provides recommendations aimed at getting around lagging indicators such as CVE catalogs and provides security practitioners with a guide to safely using OSS components.
Hacker group Midnight Blizzard utilized password spray attacks that successfully compromised legacy Microsoft emails. Here’s how to reinforce your defenses against these intrusions.