Security news aggregator

Latest coverage for Disclosure

Stay informed on the latest in security disclosure practices. Keep your data safe with insights and updates on the newest disclosure trends in cybersecurity.

94 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Disclosure in the context of information security is the process of revealing information related to security vulnerabilities, incidents, or privacy breaches. Effective and responsible disclosure is critical in the realm of cybersecurity as it involves the communication of weaknesses or breaches to the appropriate parties, enabling them to take action in protecting their systems and data.

Disclosure can take multiple forms, including private disclosure to the affected vendor, coordinated disclosure where the discoverer and vendor work together to address the vulnerability before releasing information publicly, and full public disclosure where details of the vulnerability are released openly, possibly before a fix is available. The chosen method typically balances the need for transparency with the potential risks of informing potential attackers about a security flaw.

In information security, appropriate disclosure is instrumental in fostering collaboration between security researchers, businesses, and users to ensure vulnerabilities are addressed promptly and effectively. This helps maintain the integrity, confidentiality, and availability of information systems in the face of emerging threats.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 94 Filtered view

Rapid7 details a critical unauthenticated overflow in HP Poly VoIP phones that can lead to root RCE, with patches available for affected models. Rapid7’s latest disclosure on CVE-2026-0826 should get serious attention from anyone running HP Poly VoIP phones in an enterprise setting. It’s a critical unauthenticated stack-based buffer overflow that can give a remote […]

More from Security Affairs 3 Jun 2026, 5:03 p.m. CVE-2026-0826 CVE Critical Disclosure Patch Remote Code Execution Root Unauthenticated VoIP

An unknown threat actor has been observed using a large language model (LLM) agent to conduct post-compromise actions after obtaining initial access following the exploitation of a publicly-accessible Marimo network using a recently disclosed vulnerability

More from The Hacker News 30 May 2026, 2:39 a.m. Incident · 4 stories Actively exploited CVE-2026-39987 CVE Cloud Compromise Credentials Disclosure Exploit Initial Access Threat Actor Vulnerability

The U.S.Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly disclosed vulnerability impacting Cisco Catalyst SD-WAN Controller to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to remediate the issue by May 17, 2026

More from The Hacker News 15 May 2026, 5:28 p.m. Incident · 7 stories Actively exploited CVE-2026-20182 America Authentication Bypass CISA CVE Cisco Critical Disclosure Exploit Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a recently disclosed security flaw impacting various Linux distributions to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild

More from The Hacker News 3 May 2026, 6:26 p.m. Incident · 7 stories Actively exploited CVE-2026-31431 America CISA CVE Disclosure Flaw Linux Privilege Escalation Root Vulnerability

In yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical security flaw in BerriAI's LiteLLM Python package has come under active exploitation in the wild within 36 hours of the bug becoming public knowledge

More from The Hacker News 29 Apr 2026, 5:34 p.m. Incident · 3 stories Actively exploited CVE-2026-42208 CVE Critical Disclosure Flaw Python SQL Threat Actor Vulnerability

Cybersecurity researchers have disclosed details of a critical security vulnerability impacting GitHub.com and GitHub Enterprise Server that could allow an authenticated user to obtain remote code execution with a single "git push" command

More from The Hacker News 29 Apr 2026, 6:19 a.m. Incident · 2 stories CVE-2026-3854 CVE Critical Disclosure Flaw Github Remote Code Execution Research Vulnerability

A critical security vulnerability in Marimo, an open-source Python notebook for data science and analysis, has been exploited within 10 hours of public disclosure, according to findings from Sysdig

More from The Hacker News 10 Apr 2026, 7:37 p.m. Incident · 4 stories Actively exploited CVE-2026-39987 CVE Critical Disclosure Flaw Open Source Python Remote Code Execution Vulnerability