Skip to main content
FreeIntelHub
Feed Threat Feed Search Trending
Intelligence CVE Priority Vulnerability IOC Lookup IOC Feed YARA Rules Phishing Lookup Exploit Lookup Pastes Dark Web
Adversaries Threat Groups Software Campaigns
Explore Dashboard Geo Map Heatmap MITRE ATT&CK
Browse Sources Vendors Categories Sectors
RSS API
FreeIntelHub
/
Sign In

Qualys Blog

20 articles

Qualys Blog Vulnerability Disclosure 2d ago

How to Meet a 3-Day Remediation SLA & Comply with CISA BOD 26-04

Key Takeaways CISA BOD 26–04 mandates remediation of the publicly exposed, highest-risk, known-exploited vulnerabilities within 3 days. The directive applies...

Qualys Blog →

Qualys Blog General Qualys 2d ago

Qualys Joins Chainguard Athena: Turning Coalition-Scale Findings Into Validated Action

Qualys is proud to have joined Athena, the industry coalition Chainguard launched to coordinate the defense of open source software. It’s a cause we strongly...

T1598

Qualys Blog →

Qualys Blog Zero-Day Fortinet 3d ago

FortiBleed: Credential Reuse, Legacy Hashes, and the Risk of Internet-Exposed FortiGate Devices 

Key Takeaways FortiBleed refers to June 2026 public reporting of large-scale credential exposure and abuse targeting internet-reachable FortiGate management ...

Qualys Blog →

Qualys Blog Vulnerability Disclosure 3d ago

Operationalizing Day Minus Seven: The Cloud-Native ROC

Summary Frontier AI models in the post-Mythos era are changing the speed and scale of exposure risk. Security teams are entering an era where AI can help dis...

Qualys Blog →

Qualys Blog General Cisco Qualys Intel 4d ago

Qualys Joins Cisco Cloud Control Studio as a Launch Partner to Bring Risk Intelligence to Agentic Operations

Key Takeaways Qualys is a launch partner in Cisco Cloud Control Studio, Cisco’s new unified platform for agentic IT operations. Joint customers can access Qu...

Qualys Blog →

Qualys Blog General 5d ago

Is Your AppSec Program Built to Close the OWASP Top 10 2025 Coverage Gap? 

Key Takeaways Most AppSec programs treat API-layer coverage as a DAST extension, but BOLA, BFLA, and SSRF require authenticated multi-role testing that tradi...

Qualys Blog →

Qualys Blog Vulnerability Disclosure Qualys Jun 24

CERT-In’s AI Vulnerability Blueprint: Why Indian CISOs Need Machine-Speed Risk Operations in the Post-Mythos Era 

A Qualys India perspective on CERT-In’s blueprint, the post-Mythos threat landscape India faces, and why the operating model needs to change. Key Takeaways M...

Qualys Blog →

Qualys Blog General Microsoft Jun 23

3 Paths to Upgrade Windows 11 before 24H2 End of Servicing (EOL)

Key Takeaways Windows 11 24H2 reaches the end of servicing on October 13, 2026, making timely enterprise upgrades critical. Enterprises often face version dr...

Qualys Blog →

Qualys Blog General Jun 22

CNAPP’s New Normal: Hyper-Prioritization and Autonomous Remediation at Cloud Scale

AI-powered detection has crossed a threshold. Security teams can now surface vulnerabilities, misconfigurations, and active attack paths at a speed and scale...

Qualys Blog →

Qualys Blog Advisory Oracle Jun 18

Oracle Critical Patch Update, June 2026 Security Update Review

Oracle released its third quarterly edition of this year’s Critical Patch Update. The update received patches for 245 security vulnerabilities.

Qualys Blog →

Qualys Blog General Jun 15

What Changed in OWASP Top 10 2025 and Recommendations for Each Category

Key Takeaways The OWASP Foundation has released the eighth edition of its Top 10 Web Application Security Risks. This is the first major update since 2021, a...

Qualys Blog →

Qualys Blog Vulnerability Disclosure Jun 10

How Federal Agencies Can Activate a Risk Operations Center (ROC) to Meet CISA BOD 26-04

Executive Summary Recognizing the ability of Frontier AI models to discover and exploit vulnerabilities at unprecedented speed and scale, CISA’s Binding Oper...

Qualys Blog →

Qualys Blog General Jun 10

Turning Millions of Risks Into One Actionable List

Every security leader walks into Monday morning with the same question. The findings are there.

Qualys Blog →

Qualys Blog Advisory Microsoft Adobe Jun 9

Microsoft and Adobe Patch Tuesday, June 2026 Security Update Review

Every Patch Tuesday presents a race between defenders applying fixes and attackers seeking opportunities. Microsoft’s June 2026 release is no exception, deli...

Qualys Blog →

Qualys Blog General Qualys Jun 5

Advancing Cybersecurity in the Age of Frontier AI: Qualys Steps into Project Glasswing

The cybersecurity industry has spent much of the last two years debating how attackers might use AI. That debate matters, but it misses a larger point: defen...

Qualys Blog →

Qualys Blog General Jun 4

From Operating Model to Product: How We Built the ROC for Detection-Speed Remediation

In the first article in this series, we made the case for a prevention-led operating model. This article is about what happened next: the decision to build s...

Qualys Blog →

Qualys Blog General Microsoft Qualys Jun 3

Stop Patching at Human Speed: Peer-to-Peer (P2P) Distribution Closes the Remediation Gap Before Attackers Strike 

Executive Summary Knowing what’s exploitable is only half the battle. P2P patch distribution turns your endpoints into a delivery network, cutting patch prop...

Qualys Blog →

Qualys Blog TTPs Amazon Intel Jun 2

The HazyBeacon Protocol – How Malware Weaponizes Amazon Web Services (AWS) Lambda Function URLs

Key Takeaways The Rise of Cloud-Native Command and Control (C2) Command and control (C2) infrastructure traditionally lived outside the victim environment. M...

T1071

Qualys Blog →

Qualys Blog General Intel Docker Kubernetes May 28

Extending EOL/EOS Software Intelligence Across Containers, Kubernetes, and Modern Workloads

Key Takeaways Software inventory used to stop at the server. Modern application delivery erased that boundary.

Qualys Blog →

Qualys Blog CVE Qualys Linux May 20

CVE-2026-46333: Local Root Privilege Escalation and Credential Disclosure in the Linux Kernel ptrace Path

The Qualys Threat Research Unit (TRU) has discovered and published the full advisory for CVE-2026-46333, a logic flaw in the Linux kernel’s __ptrace_may_acce...

T1548 1 IOC

Qualys Blog →

1 2 Next page»
FreeIntelHub · Open-source CTI platform

All articles belong to their respective owners. FreeIntelHub aggregates publicly available RSS feeds for informational purposes only. DMCA