Communications of the ACM

Exposing Common Vulnerabilities

Common vulnerabilities and exposures (CVEs) include all types of subversive entry-points discovered in programs, along with a ...
Dark Reading

Vulnerabilities Surge, But Messy Reporting Blurs Picture

MITRE loses its lead as the top reporter of vulnerabilities, while new organizations pump out CVEs and reported bugs in ...
Dark Reading

Managing Software Risk in a World of Exploding Vulnerabilities

It's a perfect storm: The cost of a data breach is rising, known cyberattacks are becoming more frequent, security expertise is in short supply, and the demand for connectedness — to deliver and act ...
Forbes

The World Still Needs A CVE Program

For the last 25 years since its inception, the CVE Program (Common Vulnerabilities and Exposures) continues to be the dominant way of referencing security vulnerabilities and an important cornerstone ...
AZ Central

Common Cloud Vulnerabilities: Understanding the Risks

Companies continue to create new software and apps or migrate existing ones to cloud-based services. However, a company that adopts cloud computing services without understanding the risks involved ...
SiliconANGLE

NetRise updates platform to help teams prioritize real-world software vulnerabilities

Software supply chain startup NetRise Inc. today announced a major update to its platform aimed at improving how organizations identify and manage vulnerabilities in the software running on devices ...
Forbes

CVE’s Near Cybersecurity Miss Averted — But The World Must Step Up

The cybersecurity world, shocked by the near-shutdown of the CVE system — a quiet crisis that nearly disrupted the backbone of global vulnerability coordination. In cybersecurity, some moments pass ...
Ars Technica

Ivanti warns of critical vulnerability in its popular line of endpoint protection software

Software maker Ivanti is urging users of its end-point security product to patch a critical vulnerability that makes it possible for unauthenticated attackers to execute malicious code inside affected ...
SiliconANGLE

Mondoo raises $17.5M to fix software vulnerabilities with AI agents

Mondoo Inc. is pitching its capabilities as the first “agentic vulnerability management” platform to not only categorize but entirely eliminate threats in software after raising $17.5 million in ...
TechCrunch

Software supply chain security remains a challenge for most enterprises

Log4j, maybe more than any other security issue in recent years, thrust software supply chain security into the limelight, with even the White House weighing in. But even though virtually every ...
Infosecurity-magazine.com

MITRE Unveils Top 25 Most Critical Software Flaws

Cross-site scripting has been identified as the most critical software flaw of the past year, according to a recent report from MITRE. The nonprofit’s latest Top 25 Most Dangerous Software Weaknesses ...
Electronic Specifier

5 common security flaws in embedded Linux systems

Embedded Linux systems are becoming increasingly common due to their superior accessibility, cost-effectiveness, and ...