Stay informed on End of Life protocols for software & devices to enhance your information security. Learn the risks and best practices with our latest news.
Search across headline titles and summaries.
Background for this topic.
End of Life (EOL) is a term that signifies the point at which software or hardware is no longer supported by its manufacturer or developer. After this stage, the product will no longer receive updates, including critical security patches or technical assistance.
In the context of information security, EOL is a critical phase that can expose users to increased risks. As vulnerabilities are discovered over time, unsupported products become attractive targets for cybercriminals. Without the protective measure of security updates, these products can turn into weak points within an organization's or individual's security infrastructure, potentially leading to data breaches or other security incidents. Therefore, it's essential for users and administrators to closely monitor the life cycle of their software and hardware assets and proactively upgrade or replace them before they reach EOL to maintain a strong security posture.
Weekly headline count for the current query.
Critical vulnerabilities can exist in open source software your scanners don't check. HeroDevs reveals how EOL software creates blind spots in CVE feeds and SCA tools, and how you can receive a free end-of-life scan for your projects. [...]
Critical vulnerabilities can exist in open source software your scanners don't check. HeroDevs reveals how EOL software creates blind spots in CVE feeds and SCA tools, and how you can receive a free end-of-life scan for your projects. [...]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a new binding operational directive requiring federal agencies to identify and remove network edge devices that no longer receive security updates from manufacturers. [...]
Hackers are attacking a critical zero-day flaw in unsupported D-Link DSL routers to run arbitrary commands.
An ASUS Live Update vulnerability tracked as CVE-2025-59374 has been making the rounds in infosec feeds, with some headlines implying recent or ongoing exploitation. A closer look, however, shows the CVE documents a historic supply-chain attack in an End-of-Life (EoL) software product, not a new attack. [...]
An ASUS Live Update vulnerability tracked as CVE-2025-59374 has been making the rounds in infosec feeds, with some headlines implying recent or ongoing exploitation. A closer look, however, shows the CVE documents a historic supply-chain attack in an End-of-Life (EoL) software product, not a new attack. [...]
D-Link is warning of three remotely exploitable command execution vulnerabilities that affect all models and hardware revisions of its DIR-878 router, which has reached end-of-service but is still available in several markets. [...]
Thousands of ASUS WRT routers, mostly end-of-life or outdated devices, have been hijacked in a global campaign called Operation WrtHug that exploits six vulnerabilities. [...]
A newly discovered campaign has compromised tens of thousands of outdated or end-of-life (EoL) ASUS routers worldwide, predominantly in Taiwan, the U.S., and Russia, to rope them into a massive network
Microsoft is working to resolve a known issue that causes its Defender for Endpoint enterprise endpoint security platform to incorrectly tag SQL Server software as end-of-life. [...]
A new report from TeamViewer found that 40% of global endpoints still run Windows 10, just days before security updates and support ends for the operating system
Windows 10 reaches end-of-life on Oct. 14, which will triple the number of vulnerable enterprise systems and create a massive attack surface for cybercriminals.
Russian state-backed hackers are exploiting a seven-year-old Cisco Smart Install vulnerability (CVE-2018-0171) in end-of-life devices, prompting warnings from the FBI and Cisco Talos
In the past year, "Static Tundra," aka "Energetic Bear," has breached thousands of end-of-life Cisco devices unpatched against a 2018 flaw, in a campaign targeting enterprises and critical infrastructure.
Snarfing up config files for 'thousands' of devices…just for giggles, we're sure The FBI and security researchers today warned that Russian government spies exploited a seven-year-old bug in end-of-life Cisco networking devices to snoop around in American critical infrastructure networks and collect information on industrial systems.…
Forescout also observed a big rise in CVEs added to CISA’s KEV catalog, some of which impacted end-of-life products
Someone's OVERSTEPing the mark Unknown miscreants are exploiting fully patched, end-of-life SonicWall VPNs to deploy a previously unknown backdoor and rootkit, likely for data theft and extortion, according to Google's Threat Intelligence Group.…
A threat activity cluster has been observed targeting fully-patched end-of-life SonicWall Secure Mobile Access (SMA) 100 series appliances as part of a campaign designed to drop a backdoor called OVERSTEP
Vulnerability Could Enable Remote Code Injection AttacksWhen the lights start flickering in homes equipped with Schneider Electric end-of-life smart switches, it could be hackers, now that the French company disclosed a remotely exploitable vulnerability that won't receive a patch. No hacking has been reported to date.
A new NCSC guide offers useful information on how to safely and securely dispose of end-of-life assets