Security news aggregator

Latest coverage for End of Life

Stay informed on End of Life protocols for software & devices to enhance your information security. Learn the risks and best practices with our latest news.

74 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

End of life (EOL) marks the point when a software or hardware product is retired by its developer or manufacturer, typically ending maintenance, security updates, and technical support. Organizations should distinguish EOL from end of support or other lifecycle dates because vendors may stop sales, standard support, or security fixes at different times. An EOL asset can continue to operate, but its risk profile changes once newly discovered vulnerabilities are no longer patched.

Security teams should identify EOL assets through inventory and vulnerability-management processes, prioritize replacement or supported upgrades, and verify that dependent applications and configurations remain compatible. Where immediate replacement is impractical, risk can sometimes be reduced with network isolation, restricted administration, least-privilege access, monitoring, and documented exceptions; these controls do not restore vendor fixes. EOL systems also require explicit consideration in incident-response plans and privacy or compliance assessments, particularly when they process sensitive data or provide externally reachable services.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 74

An ASUS Live Update vulnerability tracked as CVE-2025-59374 has been making the rounds in infosec feeds, with some headlines implying recent or ongoing exploitation. A closer look, however, shows the CVE documents a historic supply-chain attack in an End-of-Life (EoL) software product, not a new attack. [...]

An ASUS Live Update vulnerability tracked as CVE-2025-59374 has been making the rounds in infosec feeds, with some headlines implying recent or ongoing exploitation. A closer look, however, shows the CVE documents a historic supply-chain attack in an End-of-Life (EoL) software product, not a new attack. [...]

Snarfing up config files for 'thousands' of devices…just for giggles, we're sure The FBI and security researchers today warned that Russian government spies exploited a seven-year-old bug in end-of-life Cisco networking devices to snoop around in American critical infrastructure networks and collect information on industrial systems.…

Bank Info Security 1 year, 1 month ago

Unpatched Buffer Overflow in Schneider Home Devices

Vulnerability Could Enable Remote Code Injection AttacksWhen the lights start flickering in homes equipped with Schneider Electric end-of-life smart switches, it could be hackers, now that the French company disclosed a remotely exploitable vulnerability that won't receive a patch. No hacking has been reported to date.

Loading more headlines...