Enterprise AI still smarting from leaping before looking
Majority report AI-related security incidents or vulnerabilities
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Majority report AI-related security incidents or vulnerabilities
Report claims more vulnerabilities created than fixed as remediation gap widens Veracode has posted its annual State of Software Security report, based on data from 1.6 million applications tested on its cloud platform, finding that more vulnerabilities are being created than are being fixed, and that high-velocity development with AI is making comprehensive security unattainable.…
Rapid7 warns flaw could let any app peek at your SMS, but smartphone vendor won't pick up Security researchers report that OnePlus smartphone users remain vulnerable to a critical bug that allows any application to read SMS and MMS data — a flaw that has persisted since late 2021.…
Maddening techno loop, Zoolander reference, and 14 minutes of time wasted A vulnerability analyst and prominent member of the infosec industry has blasted Microsoft for refusing to look at a bug report unless he submitted a video alongside a written explanation.…
Said bugs 'can have significant implications' – glad to hear that from Redmond Microsoft is so concerned about security in its Copilot products for folks that it’s lifted bug bounty payments for moderate-severity vulnerabilities from nothing to a maximum of $5,000, and expanded the range of vulnerabilities it will pay people to find and report.…
These are the kinds of bugs APTs thrive on, just ask the Feds Progress Software's latest security advisory warns customers about the second critical vulnerability targeting its Telerik Report Server in as many months.…
WatchTowr publishes report claiming vendor failed to issue fixes after four months Infosec boffins say they were forced to go public after QNAP failed to fix various vulnerabilities that were reported to it months ago.…
Takes rare step of issuing patches for end-of-life versions, as some staff report end-of-career letters VMware has disclosed a critical vulnerability in its vCenter Server – and that it issued an update to fix it weeks ago, along with patches for unsupported versions of the software.…
Rubrik Zero Lab’s ‘The Hard Truths’ annual report into the state of data security Webinar It seems no longer possible to imagine whether it's just a case of if a security breach will occur within your organization, or if malicious actors will exploit a vulnerability to play havoc with your data. Rather, it's just a question of when.…
How to manage your cloud and container vulnerabilities at scale Webinar There's nothing complicated about the statistics released in Sysdig's latest report. They're alarming and should keep many an IT team up at night.…
No need for ignominy when a flaw is found GitHub is offering a scheme for security researchers to privately report vulnerabilities found in public repositories.…
Good time to be selling automation tools The US government's Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal civilian agencies to scan for and report software vulnerabilities in their IT systems more frequently under a directive issued this week.…
Report finds increase in anonymous vuln reports The number of vulnerability reports provided by Chinese information security researchers has fallen sharply, according to research by think tank The Atlantic Council, which also found a strangely commensurate increase in bug reports from unknown sources.…
Will it be enough to prevent the next software supply-chain attack? Google has created a bug bounty program that will reward those who find and report vulnerabilities in its open-source projects, thereby hopefully strengthening software supply-chain security.…
Palo Alto Networks Unit 42 incident response team warns of patch speedups Palo Alto Networks' annual Unit 42 incident response report is out, warning of an ever-decreasing gap between vulnerability disclosures and an increase in cybercrime.…
Internal beauracy and barriers hold up roll out of defenses, report finds Ask 1,000 CIOs whether they believe their organizations are vulnerable to cyberattacks targeting their software supply chains and about 82 percent can be expected to say yes.…
No EVs were damaged in the making of this report Researchers from the University of Oxford published details of a vulnerability in the Combined Charging System that has the potential to abort charging.…