CISA mulls new three-day remediation deadline for critical flaws
Experts have mixed reactions to a report that the US Cybersecurity and Infrastructure Security Agency (CISA) is considering reducing the timeline in which go...
Vulnerability Disclosure
20 articles
Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to condu...
Attackers Actively Exploiting Critical Vulnerability in Breeze Cache Plugin
On April 22nd, 2026, we publicly disclosed a critical Arbitrary File Upload vulnerability in Breeze Cache, a WordPress plugin with an estimated 400,000 activ...
Oracle will patch more often to counter AI cybersecurity threat
Oracle plans to issue security patches for its ERP, database, and other software on a monthly cycle, rather than quarterly, to respond to the increased pace ...
NCSC Warns of an AI-Fuelled “Vulnerability Patch Wave”
The UK's National Cyber Security Centre is urging organizations to prepare for glut of new software updates
Anthropic Mythos spurs White House to weigh pre-release reviews for high-risk AI models
The Trump administration is in early discussions about whether advanced AI models should be vetted before public release, according to reporting from the New...
Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks
A previously unknown threat actor has been observed targeting government and military entities in Southeast Asia, alongside a smaller cluster of managed serv...
[local] Linux Kernel proc_readdir_de() 6.18-rc5 - Local Privilege Escalation
Linux Kernel proc_readdir_de() 6.
[local] Linux nf_tables 6.19.3 - Local Privilege Escalation
Linux nf_tables 6.19.
[hardware] Linksys E1200 2.0.04 - Authenticated Stack Buffer Overflow (RCE)
Linksys E1200 2.0.
[local] Windows 11 24H2 - Local Privilege Escalation
Windows 11 24H2 - Local Privilege Escalation
Handling the Vulnerability Surge in the Post-Mythos Era
How to Operationalize Hyper-Prioritization and Autonomous Remediation with Qualys Executive Summary The Mythos era, defined by a surge of AI-driven vulnerabi...
Vulnerability remediation: Match CVEs to asset owners in seconds with Tenable Hexa AI
Detecting a vulnerability is easy. Finding the person responsible for fixing it is where remediation programs often break down.
Anthropic Rolls Out Claude Security for AI Vulnerability Scanning
Claude Security enters public beta, giving enterprises AI driven code scanning with no API integration or custom agents required
Poisoned Ruby Gems and Go Modules Exploit CI Pipelines for Credential Theft
A new software supply chain attack campaign has been observed using sleeper packages as a conduit to subsequently push malicious payloads that enabled creden...
Tune In: The Future of AI-Powered Vulnerability Discovery
Bridging the gap: How to integrate Claude Security into the Tenable One Exposure Management Platform
Bridge the gap between AI-driven vulnerability discovery and prioritized remediation. Learn how to integrate Claude Security’s deep-logic analysis into Tenab...
Wordfence Intelligence Weekly WordPress Vulnerability Report (April 20, 2026 to April 26, 2026)
Last week, there were 157 vulnerabilities disclosed in 122 WordPress Plugins and 27 WordPress Themes that have been added to the Wordfence Intelligence Vulne...
ABB Ability Symphony Plus Engineering
View CSAF Summary ABB became aware of vulnerability in the products versions listed as affected in the advisory. The ABB S+ Engineering product versions are ...
ABB System 800xA, Symphony Plus IEC 61850
View CSAF Summary This vulnerability was privately reported relating to ABB’s implementation of the IEC 61850 communication stack for MMS client applications...