WebSafe 3.7csoonline.com
|
|
🏠

Americas

  • United States

Asia

Europe

Oceania

Popular Topics

Topics

About

Policies

Our Network

More

Vulnerabilities

Vulnerabilities | News, how-tos, features, reviews, and videos

Latest from today

News
Image

Notepad++ author says fixes make update mechanism ‘effectively unexploitable’

Hardening had to be done after a threat actor compromised updates with a custom backdoor.

By Howard Solomon
5 mins
CybercrimeDevopsSoftware Deployment
News Analysis
Image

Chinese hackers exploited zero-day Dell RecoverPoint flaw for 1.5 years

By Lucian Constantin
4 mins
SecurityVulnerabilitiesZero-Day Vulnerabilities
News
Image

Flaws in four popular VS Code extensions left 128 million installs open to attack

By Gyana Swain
4 mins
SecurityVulnerabilities
News

Exploit available for new Chrome zero-day vulnerability, says Google

By Howard Solomon
4 mins
Browser SecurityEndpoint ProtectionZero-Day Vulnerabilities
News

Critical BeyondTrust RS vulnerability exploited in active attacks

By Lucian Constantin
3 mins
CyberattacksNetwork SecurityVulnerabilities
News

Researchers unearth 30-year-old vulnerability in libpng library

By John Leyden
3 mins
Open SourceSecurityVulnerabilities
News

Battling bots face off in cybersecurity arena

By Maxwell Cooter
2 mins
APIsCloud SecurityZero-Day Vulnerabilities
News

SSHStalker botnet brute-forces its way onto 7,000 Linux machines

By Howard Solomon
7 mins
BotnetsCyberattacksCybercrime
News

February 2026 Patch Tuesday: Six new and actively exploited Microsoft vulnerabilities addressed

By Howard Solomon
8 mins
SecurityVulnerabilities

Articles

news

BeyondTrust fixes critical RCE flaw in remote access tools

Enterprises are urged to patch self-hosted versions of both Remote Support and Privileged Remote Access due to a 9.9-severity vulnerability that could lead to system compromise.

By Lucian Constantin
Feb 10, 2026 3 mins
Network SecurityRemote Access SecurityVulnerabilities
news

SolarWinds WHD zero-days from January are under attack

Analysis of real-world incidents reveals that attackers are chaining multiple flaws to compromise the ticketing and support application.

By John E. Dunn
Feb 10, 2026 4 mins
IT ManagementVulnerabilitiesZero-Day Vulnerabilities
news

Anthropic’s DXT poses “critical RCE vulnerability” by running with full system privileges

Anthropic didn’t dispute the security report, but suggested it would only be caused by user error, where users deliberately installed the tools and granted the appropriate permissions.

By Evan Schuman
Feb 9, 2026 8 mins
Artificial IntelligenceSecurityVulnerabilities
news

Six more vulnerabilities found in n8n automation platform

Four of the holes, which allow remote code execution and command injection, are rated as critical.

By Howard Solomon
Feb 6, 2026 5 mins
Development ToolsSecurityVulnerabilities
brandpostSponsored by Action 1

4 big mistakes you're probably still making in vulnerability management…and how to fix them

Vulnerability management isn’t about checking boxes anymore—it’s about real-time visibility, risk prioritization, and automation that keeps you one step ahead of threats.

By Action 1
Apr 28, 2025 4 mins
Endpoint ProtectionRisk ManagementVulnerabilities
news

Claude AI finds 500 high-severity software vulnerabilities

Anthropic is reporting the flaws to developers — but only after having humans verify them.

By Maxwell Cooter
Feb 6, 2026 2 mins
Generative AIVulnerabilitiesZero-Day Vulnerabilities
news

Four new vulnerabilities found in Ingress NGINX

Two carry CVSS scores of 8.8, demanding that admins upgrade to the latest versions of the controller.

By Howard Solomon
Feb 5, 2026 4 mins
Network SecuritySecurityVulnerabilities
news

Attackers exploit decade‑old Windows driver flaw to shut down modern EDR defenses

Attackers abused a signed but long-revoked EnCase Windows kernel driver in a BYOVD attack to terminate all security tools.

By Shweta Sharma
Feb 5, 2026 4 mins
Endpoint ProtectionVulnerabilitiesWindows Security
news

Microsoft develops a new scanner to detect hidden backdoors in LLMs

Microsoft’s research shows how poisoned language models can hide malicious triggers, creating new integrity risks for enterprises using third-party AI systems.

By Prasanth Aby Thomas
Feb 5, 2026 4 mins
Artificial IntelligenceSecurityVulnerabilities
news analysis

Software supply chain risks join the OWASP top 10 list, access control still on top

There were some changes to the recently updated OWASP Top 10 list, including the addition of supply chain risks. But old standbys, like broken access control, are still at the top.

By Maria Korolov
Feb 5, 2026 8 mins
SecuritySoftware DevelopmentVulnerabilities
news

Threat actors hijack web traffic after exploiting React2Shell vulnerability

Researchers at Datadog Security say the hackers are pivoting to hit NGINX web servers.

By Howard Solomon
Feb 4, 2026 4 mins
CyberattacksCybercrimeVulnerabilities
news

Russian hackers exploited a critical Office bug within days of disclosure

Within days of Microsoft patching a critical Office zero-day, the Russia-linked group “APT28” was already exploiting the flaw in a live campaign tracked as Operation Neusploit.

By Shweta Sharma
Feb 4, 2026 4 mins
MalwareSecurityVulnerabilities
news

Ivanti patches two actively exploited critical vulnerabilities in EPMM

The code injection flaws allow for unauthenticated remote code execution on Ivanti Endpoint Manager Mobile deployments, but also endanger connected Ivanti Sentry mobile traffic gateways.

By Lucian Constantin
Jan 30, 2026 4 mins
Network SecuritySecurityVulnerabilities
View all

Resources

whitepaper

Stay ahead of cybersecurity risks with an integrated security experience

Protect your business from cyberthreats with less day-to-day management

The post Stay ahead of cybersecurity risks with an integrated security experience appeared first on Whitepaper Repository –.

By Spectrum Business
24 Dec 2025
Artificial IntelligenceCybercrimeVulnerabilities
Image
View all

Video on demand

video

Printers: The overlooked security threat in your enterprise | TECHtalk

Printers, often a forgotten target in the enterprise, are vulnerable to all the usual cyberattacks. Watch as IDG TECH(talk) hosts Ken Mingis and Juliet Beauchamp and CSO Online’s J.M. Porup discuss the threats to these devices, plus how to secure them and protect your network.

Nov 7, 2019 20 mins
Computers and PeripheralsHackingVulnerabilities
See all videos

Explore a topic

Show me more

news

Keenadu: Android malware that comes preinstalled and can’t be removed by users

By Shweta Sharma
4 mins
Endpoint ProtectionMalwareMobile Security
Image
opinion

Discipline is the new power move in cybersecurity leadership

By Marco Túlio Moraes
8 mins
BudgetingIT LeadershipIT Management
Image
opinion

A new approach for GenAI risk protection

By Gregory S. Smith
5 mins
Generative AIIntrusion Detection SoftwareSecurity Monitoring Software
Image
podcast

How Intelligence and AI Are Changing Cyber Defense | Erin Whitmore, Former CIA

By Joan Goodchild
28 mins
CyberattacksCybercrime
Image
podcast

Inside the SMB Threat Landscape: AT&T’s Senthil Ramakrishnan on Why Small Businesses Are Cybercrime’s Favorite Target

By Joan Goodchild
23 mins
CybercrimeSmall and Medium Business
Image
podcast

CSO Executive Session ASEAN: The Human Firewall-Retention, AI Readiness, and Women in Cybersecurity

By Estelle Quek
28 mins
CyberattacksCybercrimeHuman Resources
Image
video

How Intelligence and AI Are Changing Cyber Defense | Erin Whitmore, Former CIA

By Joan Goodchild
28 mins
CyberattacksCybercrime
Image
video

Inside the SMB Threat Landscape: AT&T’s Senthil Ramakrishnan on Why Small Businesses Are Cybercrime’s Favorite Target

By Joan Goodchild
23 mins
CybercrimeSmall and Medium Business
Image
video

CSO Executive Sessions ASEAN: The Human Firewall-Retention, AI Readiness, and Women in Cybersecurity

By Estelle Quek
28 mins
CyberattacksCybercrimeHuman Resources
Image