%term

How Does Vulnerability Scanning Support IT Asset Security?

Jun 30, 2025 By Fidelis Security In Fidelis Security

Traditional IT environments remain vulnerable when scans are done infrequently or manually. Static scanning misses shadow IT ignores transient devices, and often overlooks systems not regularly scheduled for scans. Take the example of a remote office server that was deployed temporarily for a project. If it’s not included in regular scanning schedules, it might run unpatched and unnoticed for months—an easy target for attackers.

Read Post

Fidelis Security

Read more about How Does Vulnerability Scanning Support IT Asset Security?

Gemini 2.5 fixed a major security flaw - but missed these

Jun 29, 2025 By Snyk In Snyk

Gemini 2.5 fixed a major security flaw — but missed these.

View Video

Snyk

Read more about Gemini 2.5 fixed a major security flaw - but missed these

Vulnerability Management Metrics and KPIs: What to Track and Why It Matters

Jun 27, 2025 By Vinugayathri Chinnasamy In Indusface

Vulnerability management is not just about spotting weaknesses. It is about fixing them effectively and staying ahead of attackers. And the urgency has never been clearer: the 2025 Verizon DBIR shows a 34% increase in attackers exploiting vulnerabilities to gain initial access and cause breaches compared to last year’s report. So, how can you be sure you are on the right track? Are you reducing risk efficiently? Are critical vulnerabilities being remediated before they are exploited?

Read Post

Indusface

Read more about Vulnerability Management Metrics and KPIs: What to Track and Why It Matters

AI stopped using this outdated security package

Jun 27, 2025 By Snyk In Snyk

AI stopped using this outdated security package.

View Video

Snyk

Read more about AI stopped using this outdated security package

A 101 Guide to GDPR Vulnerability Assessment

Jun 27, 2025 By Keshav Malik In Astra

The GDPR has compelled a shift in how companies manage personal data. At the heart of GDPR is the requirement to safeguard customer data from unauthorized access, loss, or alteration. GDPR vulnerability assessment is a basic requirement, whether you’re based in the EU or not. If you process the data of EU residents, this assessment isn’t optional.

Read Post

Astra

Read more about A 101 Guide to GDPR Vulnerability Assessment

Software Security: Treat Vulnerabilities Like Regular Bugs! #cybersecurity #softwaresecurity

Jun 26, 2025 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about Software Security: Treat Vulnerabilities Like Regular Bugs! #cybersecurity #softwaresecurity

Beyond Traditional Threats: The Rise of AI-Driven API Vulnerabilities

Jun 26, 2025 By Wallarm In Wallarm

AI has had dramatic impacts on almost every facet of every industry. API security is no exception. Up until recently, defending APIs meant guarding against well-understood threats. But as AI proliferates, automated adversaries, AI-crafted exploits, and business logic abuse have complicated matters. It’s no longer enough to merely patch known flaws; security teams must now contend with intelligent, adaptive attacks that evolve as fast as the technology they target.

Read Post

Wallarm

Read more about Beyond Traditional Threats: The Rise of AI-Driven API Vulnerabilities

From Chaos to Clarity: How to Modernize Vulnerability Management

Jun 26, 2025 By Nucleus Security In Nucleus

Fragmented tools. Manual data wrangling. Burned-out teams. Sound familiar? In this expert roundtable with Trey Ford (CISO, Bugcrowd) and Jeff Gouge (CISO, Nucleus Security), we break down how today’s security leaders can transform vulnerability management from a chaotic, spreadsheet-driven burden into a unified, automated, and trusted function. Watch to learn.

View Video

Nucleus

Read more about From Chaos to Clarity: How to Modernize Vulnerability Management

Why Hackers Ignore Zero-Days (And What They Use Instead)

Jun 26, 2025 By Rubrik In Rubrik

You'd think hackers use the latest zero-day exploits, right? WRONG! PwC's threat intelligence reveals hackers are actually exploiting OLD vulnerabilities that companies just... forgot to patch While cybersecurity teams chase shiny new threats, criminals are walking through the front door with keys we left lying around. The scariest part? Even criminal groups (not just nation-states) are making this their primary attack method.

View Video

Rubrik

Read more about Why Hackers Ignore Zero-Days (And What They Use Instead)

CVE-2025-20281 & CVE-2025-20282: Maximum Severity Unauthenticated RCE Vulnerabilities in Cisco ISE and ISE-PIC

Jun 26, 2025 By Andres Ramos In Arctic Wolf

On June 25, 2025, Cisco released patches for two maximum-severity vulnerabilities in Cisco Identity Services Engine (ISE) and ISE-Passive Identity Connector (ISE-PIC). Both flaws allow unauthenticated, remote threat actors to execute commands on the underlying operating system with root privileges via exposed HTTPS APIs. Although similar in outcome, the vulnerabilities are independent and do not require each other to be exploited.

Read Post