![CVE](https://img.helpnetsecurity.com/wp-content/uploads/2024/02/23122922/cve-1400-400x200.jpg)
Why cloud vulnerabilities need CVEs
When considering vulnerability management’s purpose in a modern world, it’s imperative to recognize the huge transition to new technologies and how you manage risk …
![printer](https://img.helpnetsecurity.com/wp-content/uploads/2020/05/14114130/printer-windows-400x200.jpg)
Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028)
For nearly four years and perhaps even longer, Forest Blizzard (aka Fancy Bear, aka APT28) has been using a custom tool that exploits a specific vulnerability in Windows Print …
![CrushFTP](https://img.helpnetsecurity.com/wp-content/uploads/2024/04/23114915/crush_ftp-23042024-1456x816px-400x200.webp)
CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040)
A vulnerability (CVE-2024-4040) in enterprise file transfer solution CrushFTP is being exploited by attackers in a targeted fashion, according to Crowdstrike. The …
![Ivanti](https://img.helpnetsecurity.com/wp-content/uploads/2024/01/19151341/ivanti-blocks2-1400-400x200.jpg)
Ivanti patches critical Avalanche flaw exploitable via a simple message (CVE-2024-29204)
The newest version of Ivanti Avalanche – the company’s enterprise mobile device management (MDM) solution – carries fixes for 27 vulnerabilities, two of …
![Patch Tuesday](https://img.helpnetsecurity.com/wp-content/uploads/2024/03/12195711/patch_tuesday_2024-400x200.webp)
Microsoft patches two actively exploited zero-days (CVE-2024-29988, CVE-2024-26234)
On this April 2024 Patch Tuesday, Microsoft has fixed a record 147 CVE-numbered vulnerabilities, including CVE-2024-29988, a vulnerability that Microsoft hasn’t marked …
![NIST NVD](https://img.helpnetsecurity.com/wp-content/uploads/2024/04/03121316/nist_nvd-1500-400x200.webp)
NVD: NIST is working on longer-term solutions
The recent conspicuous faltering of the National Vulnerability Database (NVD) is “based on a variety of factors, including an increase in software and, therefore, …
![Linux alert](https://img.helpnetsecurity.com/wp-content/uploads/2024/03/29183422/linux-alert-1500-2-400x200.webp)
Beware! Backdoor found in XZ utilities used by many Linux distros (CVE-2024-3094)
UPDATE: April 9, 09:23 AM ET Two stories have been published since this initial release: Which Linux distros are affected and what can you do? XZ Utils backdoor: Detection …
![CVE](https://img.helpnetsecurity.com/wp-content/uploads/2024/02/23122922/cve-1400-400x200.jpg)
CVE count set to rise by 25% in 2024
The report from Coalition indicates an anticipated 25% rise in the total count of published common vulnerabilities and exposures (CVEs) for 2024, reaching 34,888 …
![vmware](https://img.helpnetsecurity.com/wp-content/uploads/2022/05/19125355/vmware-1600-hns-400x200.jpg)
VMware pushes admins to uninstall vulnerable, deprecated vSphere plugin (CVE-2024-22245, CVE-2024-22250)
VMware Enhanced Authentication Plug-in (EAP), a plugin for VMware vSphere, has two vulnerabilities (CVE-2024-22245, CVE-2024-22250) that could be exploited by attackers to …
![CVE Prioritizer](https://img.helpnetsecurity.com/wp-content/uploads/2024/02/12143410/cve_prioritizer-1400-400x200.jpg)
CVE Prioritizer: Open-source tool to prioritize vulnerability patching
CVE Prioritizer is an open-source tool designed to assist in prioritizing the patching of vulnerabilities. It integrates data from CVSS, EPSS, and CISA’s KEV catalog to …
![CVEMap](https://img.helpnetsecurity.com/wp-content/uploads/2024/01/24090507/cvemap-400x200.jpg)
CVEMap: Open-source tool to query, browse and search CVEs
CVEMap is an open-source command-line interface (CLI) tool that allows you to explore Common Vulnerabilities and Exposures (CVEs). It’s designed to offer a streamlined …
![vulnerability](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/12090833/vulnerability-bug-400x200.jpg)
45% of critical CVEs left unpatched in 2023
Global attack attempts more than doubled in 2023, increasing 104%, according to Armis. Blind spots and critical vulnerabilities are worsening, with 45% of critical CVEs …
Featured news
Sponsored
Don't miss
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints
- Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)
- Risk related to non-human identities: Believe the hype, reject the FUD