patching
AI-driven bug hunting fuels record Microsoft Patch Tuesday
Microsoft has released patches for 570+ vulnerabilities on July 2026 Patch Tuesday, including two that are being leveraged by attackers (CVE-2026-56155 and CVE-2026-56164), …
AI used to help plan the break-in, now it’s doing the break-in
Over the past twelve months, researchers documented intrusions in which AI ran exploitation workflows autonomously, generating thousands of commands across dozens of sessions …
Microsoft is rewriting Windows patch guidance because of AI
Microsoft is recommending that organizations shorten Windows update deployment timelines, warning that advances in AI are reducing the time attackers need to identify and …
OpenAI wants AI to fix vulnerabilities, not just find them
OpenAI expanded Daybreak, its cybersecurity initiative that combines AI models, Codex Security, security researchers, maintainers, industry partners, and access controls to …
AI vulnerability discovery is pushing 2026 CVEs toward 66,000
Vulnerability disclosures are piling up faster in 2026 than anyone expected at the start of the year. The running count for the first few months sits well above the original …
Record Microsoft Patch Tuesday, fresh zero-day
Microsoft marked its largest-ever Patch Tuesday this month, by shipping fixes for nearly 200 vulnerabilities. Within hours, “Nightmare Eclipse”, the researcher …
From critical to controlled: Cutting vulnerabilities in a live manufacturing environment
A vulnerability scanner flags a critical CVSS 10 vulnerability on an industrial asset. The report lands in the boss’ inbox and now he wants to know why we’re sitting on a …
Claude Security enters public beta with Opus 4.7 vulnerability scanning and patching
Claude Security, previously called Claude Code Security, is in public beta for Claude Enterprise customers. Available in Claude.ai, the capability scans codebases for security …
Product showcase: Cross-platform and third-party endpoint patching with Action1
Keeping endpoints patched is one of the more annoying chores in IT operations. Action1 is a cloud-based autonomous endpoint management platform that addresses this challenge …
Open-source benchmark EVMbench tests how well AI agents handle smart contract exploits
Smart contract exploits continue to drain funds from blockchain projects, even as auditing tools and bug bounty programs grow. The problem is tied to how Ethereum Virtual …
Everyone uses open source, but patching still moves too slowly
Enterprise security teams rely on open source across infrastructure, development pipelines, and production applications, even when they do not track it as a separate category …
CISA confirms exploitation of VMware ESXi flaw by ransomware attackers
CVE-2025-22225, a VMware ESXi arbitrary write vulnerability, is being used in ransomware campaigns, CISA confirmed on Wednesday by updating the vulnerability’s entry in …
Featured news
Resources
Don't miss
- Two new high severity WordPress vulnerabilities, patch immediately!
- Prompt injection is becoming the XSS of the web agent era
- The script, not the voice, is what makes AI voice phishing work
- The five step plan that cuts security budget waste
- CISA folds its own hard-won lessons into coordinated vulnerability disclosure guidance