CISA added four actively exploited vulnerabilities to its KEV catalog, urging U.S. federal agencies to apply fixes by ...

Microsoft released out-of-band patches for an actively exploited Microsoft Office zero-day, CVE-2026-21509, a security ...

The Cybersecurity and Infrastructure Security Agency (CISA) in the U.S. warned of active exploitation of four vulnerabilities ...

German software company SAP has finally disclosed and fixed a highly critical vulnerability in the NetWeaver Visual Composer development server after evidence of exploitation in the wild. NetWeaver ...

Microsoft has released emergency security updates to patch a high-severity Office zero-day vulnerability exploited in attacks ...

The WinRAR vulnerability tracked as CVE-2025-8088 was discovered and patched in July 2025, but the popular file archiver continues to suffer from its fallout. According to ...

With vulnerability exploitation nearly doubling and critical weaknesses continuing to rise, it's clear that threat actors are accelerating their efforts while software ecosystems grow more complex.

BURLINGTON, Mass., Nov. 12, 2024 /PRNewswire/ -- Black Duck® Software, Inc. ("Black Duck") today announced the publication of the "2024 Software Vulnerability Snapshot" report highlighting various ...

Software vulnerability management has emerged as a cornerstone of modern cybersecurity, combining technical strategies for identifying and patching vulnerabilities with sophisticated economic models ...

The vulnerabilities disclosed in this release span multiple components of OpenSSL and affect a wide range of supported ...

For a software vendor, telling the world about the latest security vulnerability is always a delicate balancing act. Customers need information quickly, starting with the flaw’s severity rating and ...