SAP Patch Day Highlights Critical Risks in Core Business Systems
New security disclosures address high-stakes vulnerabilities in NetWeaver and Commerce Cloud, demanding immediate enterprise action.
30 results for “vulnerability”
New security disclosures address high-stakes vulnerabilities in NetWeaver and Commerce Cloud, demanding immediate enterprise action.
A multinational security alert warns that outdated network management protocols and neglected hardware are fueling persistent cyberespionage.
Researchers reveal that automated vulnerability scanning tools from Anthropic and OpenAI can be tricked into executing malicious code.
A systemic vulnerability across major AI coding assistants highlights the dangerous failure of human-in-the-loop security protocols.
Microsoft has addressed the RoguePlanet vulnerability, ending a contentious saga with security researcher Nightmare Eclipse.
A critical high-risk vulnerability in Chrome’s Intents feature has been patched, marking the fifth exploited zero-day of the year.
CISOs must pivot from vulnerability visibility to business-aligned remediation to stop the ballooning of enterprise security debt.
A third-party security failure exposed customer data, forcing the retail giant to warn users about the heightened risk of phishing attacks.
Federal agencies face a September 9 deadline to patch a high-severity firewall bug being actively exploited in the wild.
Microsoft anticipates a surge in security updates as AI-accelerated vulnerability discovery becomes the new industry standard.
Microsoft's latest record-breaking security cycle highlights the mounting pressures of AI-driven vulnerability discovery and exploitation.
A credible security threat targeting ShareFile Storage Zone Controllers has prompted emergency shutdowns and ongoing investigations.
Federal agencies face a tight three-day deadline to patch critical remote code execution vulnerabilities in popular Joomla extensions.
A critical vulnerability allows unauthenticated actors to steal OAuth credentials, potentially granting full control over message brokers.
Customers are forced to pull the plug on infrastructure as the vendor probes a mysterious and credible external threat to its file-sharing platform.
Critical RCE flaws in popular Joomla extensions leave unauthenticated websites vulnerable to total compromise by malicious actors.
A severe vulnerability in the Classic Web Client requires immediate patching to prevent unauthorized code execution via email.
Researchers discover a critical vulnerability where AI coding agents are tricked into executing malicious code via hallucinations.
Recent vulnerabilities reveal long-standing memory corruption risks in the Linux kernel that could compromise major cloud environments.
A fix for a critical zero-day vulnerability inadvertently introduces a secondary risk that could lead to complete hard drive exhaustion.
The exploitation of critical Joomla extensions highlights a broader trend of automated campaigns targeting vulnerable CMS plugins globally.
As Jen Ellis becomes a Member of the Order of the British Empire (MBE), the vital link between researchers and policy comes into focus.
A persistent cross-site scripting flaw in Zimbra's classic client underscores the relentless exploitation of enterprise email platforms.
Newly discovered vulnerabilities in the popular U-Boot bootloader could allow attackers to bypass startup security protections entirely.
Three vulnerabilities in the OpenClaw AI assistant allow attackers to bypass sandbox restrictions and execute code on host environments.
Progress Software orders customers to sever internet access to their storage controllers, signaling an escalating, unpatched security risk.
As hackers exploit a critical Gitea Docker flaw, the ease of bypassing authentication exposes the fragility of self-hosted DevOps security.
A high-tech laser attack bypasses security checks on Tangem hardware wallets, highlighting the double-edged sword of unpatchable firmware.
As AI accelerates vulnerability discovery, a surge in 'clearinghouses' highlights a critical shift from mere data sharing to rapid, automated remediation.
Recent reports reveal a vast landscape of cyber threats, from international law enforcement combating social engineering at scale to sophisticated tactics undermining software integrity and user trust.