Security news aggregator

Latest coverage for Vulnerability

Vulnerabilities are flaws attackers can exploit to access systems or data; timely patching, isolation, and least privilege reduce the impact.

37 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

A vulnerability is a weakness in a system’s design, code, configuration, or operating process that could allow an attacker to violate a security requirement. It may affect software, hardware, networks, cloud services, or exposed interfaces, and is not automatically exploitable: practical risk depends on factors such as exposure, required privileges, available attack paths, and existing controls. Outcomes can include unauthorized access, information disclosure, code execution, or disruption of service.

Effective vulnerability management combines accurate asset inventory with code review, security testing, scanning, and trusted vulnerability intelligence. Organizations should prioritize weaknesses affecting reachable, business-critical systems—especially when exploitation is known or requires little access—then patch or otherwise mitigate them and verify the fix. Where patching is delayed, controls such as disabling an exposed feature, restricting network access, or strengthening authentication can reduce the attack surface. Records should preserve affected versions, risk decisions, remediation owners, and validation results.

Showing 20 most recent headlines of 37 Filtered view

Early Tests of New Anthropic AI Model Show Fast Detection, Better Flaw CorrelationCrowdStrike's early testing of Anthropic's new Claude Mythos Preview AI model shows faster vulnerability detection and improved cross-system context, signaling a shift toward AI-driven security operations that compress discovery-to-response timelines and force new defensive frameworks.

Just what FOSS developers need – a flood of AI-discovered vulnerabilities Opinion Anthropic describes Project Glasswing as a coalition of tech giants committing $100 million in AI resources to hunt down and fix long-hidden vulnerabilities in critical open source software that it's finding with its new Mythos AI program. Or as The Reg put it, "an AI model that can generate zero-day vulnerabilities."…

Bank Info Security 3 months, 1 week ago

Claude Mythos Preview Creates Early Edge for Cyber Titans

Project Glasswing Strengthens Key Platforms, Leaves Broad Exposure UntouchedProject Glasswing is giving select cybersecurity giants early access to Anthropic’s Claude Mythos Preview, boosting investor confidence in leaders Palo Alto Networks and CrowdStrike while raising concerns that smaller vendors, vulnerability firms and the broader internet will fall further behind.

Bank Info Security 3 months, 1 week ago

Zero Days for the Masses: Mythos Presages Exploit Tsunami

Asymmetry Between Exploits Wielded by Nation-States and Hackers Will DisappearAnthropic's announcement that its Mythos Preview large language model can find serious zero-day flaws across all manner of code bases old and new, and quickly chain vulnerabilities together to build working exploits, promises to democratize access to such capabilities.

Even fitness equipment is vulnerable to mischief makers these days PWNED Welcome back to Pwned, the column where we share war stories from IT soldiers who shot themselves – or watched someone else shoot themselves – in the foot. Today's tale shows that even when you're setting up something as simple as fitness gear, there's no excuse for leaving security credentials lying around.…

Bank Info Security 3 months, 1 week ago

Why Claude Mythos Shifts Focus From Finding to Fixing Bugs

But Expect Plenty of Bottlenecks in Coordination, Validation and Patch DeploymentAnthropic's Claude Mythos Preview shows how AI can discover and chain vulnerabilities at scale, but the bigger challenge for defenders is redesigning disclosure, triage and patching processes so fixes can be deployed safely before attackers exploit the gap.

Artificial Intelligence (AI) company Anthropic announced a new cybersecurity initiative called Project Glasswing that will use a preview version of its new frontier model, Claude Mythos, to find and address security vulnerabilities

Loading more headlines...