Security news aggregator

Latest coverage for Vulnerability

Vulnerabilities are flaws attackers can exploit to access systems or data; timely patching, isolation, and least privilege reduce the impact.

35 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

A vulnerability is a weakness in a system’s design, code, configuration, or operating process that could allow an attacker to violate a security requirement. It may affect software, hardware, networks, cloud services, or exposed interfaces, and is not automatically exploitable: practical risk depends on factors such as exposure, required privileges, available attack paths, and existing controls. Outcomes can include unauthorized access, information disclosure, code execution, or disruption of service.

Effective vulnerability management combines accurate asset inventory with code review, security testing, scanning, and trusted vulnerability intelligence. Organizations should prioritize weaknesses affecting reachable, business-critical systems—especially when exploitation is known or requires little access—then patch or otherwise mitigate them and verify the fix. Where patching is delayed, controls such as disabling an exposed feature, restricting network access, or strengthening authentication can reduce the attack surface. Records should preserve affected versions, risk decisions, remediation owners, and validation results.

Showing 20 most recent headlines of 35 Filtered view

Zero-day potentially tied to around 100 suspected infections in 2025 and a spyware scandal on the continent Apple has updated its iOS/iPadOS 18.3.1 documentation, confirming it introduced fixes for the zero-click vulnerability used to infect journalists with Paragon's Graphite spyware.…

Bank Info Security 1 year, 1 month ago

Governments Embrace Secure by Design to Curb Cyberthreats

NextJenSecurity Founder Calls for Global Policy Shifts to Reduce VulnerabilitiesGovernments worldwide are shifting from reactive responses to preventive strategies to tackle ransomware attacks. Jen Ellis, founder of NextJenSecurity, stresses the need for vulnerability accountability and secure-by-design policies to tackle systemic cybersecurity flaws.

Bank Info Security 1 year, 1 month ago

Vulnerability Databases Face Accuracy and Access Gaps

VulnCheck's Garrity on the Uncertainty of the CVE Ecosystem and EUVD's LimitationsFunding shortages and incomplete coverage in critical vulnerability databases are increasing the risk for defenders. Patrick Garrity, security researcher at VulnCheck, discusses how data gaps and scoring confusion hinder response strategies for potential cyberattacks.

Bank Info Security 1 year, 1 month ago

Microsoft Patches Zero-Day Exploited by Emirati Hackers

Check Point: 'Stealth Falcon' Exploited WebDAV FlawMicrosoft on Tuesday patched a zero-day vulnerability in WebDAV that was exploited by UAE-linked threat actors as part of an espionage campaign in the Middle East and Africa. Check Point attributed the campaign to the Emirates APT group Stealth Falcon.

Bank Info Security 1 year, 1 month ago

AI May Fix a 15-Year-Old Bug It Helped Spread

Researchers Turn to AI to Fix a Zombie Flaw that AI Helped PropagateArtificial intelligence tools that inadvertently perpetuated a decade-old bug may now also help eliminate it. The path traversal vulnerability became so embedded in developer culture that it found its way into training data for today’s AI models.

Loading more headlines...