AI-driven discovery, NIST’s retreat from universal enrichment, and the end of “good enough” vulnerability managementKey takeawaysAI-driven discovery tools are accelerating CVE volume, resulting in an ...

Researcher Ryan Dewhurst released the WPScan Vulnerability Database, a database housing security vulnerabilities in WordPress core code, plug-ins and themes. It’s available for pen-testers, WordPress ...

Get the latest federal technology news delivered to your inbox. Despite goals set last year by the National Institute of Standards and Technology to process a backlog of unanalyzed cybersecurity ...

A critical remote code execution flaw in GitHub was patched by Microsoft in roughly two hours after public disclosure, ...

Dirty Frag is a newly disclosed Linux local privilege escalation vulnerability affecting kernel networking and ...

The National Vulnerability Database (NVD) is well known in IT security as the source of record for all vulnerabilities which have been assigned a CVE (Common Vulnerabilities and Exposures) enumeration ...

Organizations traditionally have struggled to track vulnerabilities in public cloud platforms and services because of the lack of a common vulnerability enumeration (CVE) program like the one that ...

Juhan Lepassaar, Executive Director at ENISA. Image: Hubert Burda Media/Flickr The announcement comes after concerns that the US government would stop funding the operations of MITRE, the nonprofit ...

The European Union Agency for Cybersecurity (Enisa) has debuted a European Union Vulnerability Database (EUVD) to provide “aggregated, reliable and actionable” information on newly disclosed cyber ...

The flaw ‘broke one of the fundamental things about the cloud – that you can’t access another person’s data,’ says security provider Wiz. Cloud security provider Wiz disclosed Thursday that earlier ...