![vmware](https://img.helpnetsecurity.com/wp-content/uploads/2022/05/19125355/vmware-1600-hns-400x200.jpg)
VMware pushes admins to uninstall vulnerable, deprecated vSphere plugin (CVE-2024-22245, CVE-2024-22250)
VMware Enhanced Authentication Plug-in (EAP), a plugin for VMware vSphere, has two vulnerabilities (CVE-2024-22245, CVE-2024-22250) that could be exploited by attackers to …
![CVE Prioritizer](https://img.helpnetsecurity.com/wp-content/uploads/2024/02/12143410/cve_prioritizer-1400-400x200.jpg)
CVE Prioritizer: Open-source tool to prioritize vulnerability patching
CVE Prioritizer is an open-source tool designed to assist in prioritizing the patching of vulnerabilities. It integrates data from CVSS, EPSS, and CISA’s KEV catalog to …
![CVEMap](https://img.helpnetsecurity.com/wp-content/uploads/2024/01/24090507/cvemap-400x200.jpg)
CVEMap: Open-source tool to query, browse and search CVEs
CVEMap is an open-source command-line interface (CLI) tool that allows you to explore Common Vulnerabilities and Exposures (CVEs). It’s designed to offer a streamlined …
![vulnerability](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/12090833/vulnerability-bug-400x200.jpg)
45% of critical CVEs left unpatched in 2023
Global attack attempts more than doubled in 2023, increasing 104%, according to Armis. Blind spots and critical vulnerabilities are worsening, with 45% of critical CVEs …
![Atlassian Confluence](https://img.helpnetsecurity.com/wp-content/uploads/2024/01/16183650/confluence-red-1400-400x200.jpg)
Atlassian reveals critical Confluence RCE flaw, urges “immediate action” (CVE-2023-22527)
Atlassian has patched a critical vulnerability (CVE-2023-22527) in Confluence Data Center and Confluence Server that could lead to remote code execution. The good news is that …
![Michael Gorelik](https://img.helpnetsecurity.com/wp-content/uploads/2023/12/04115057/michael_gorelik-2-morphisec-400x200.jpg)
Creating a formula for effective vulnerability prioritization
In this Help Net Security interview, Michael Gorelik, CTO and Head of Malware Research at Morphisec, provides insights into the business impact of vulnerabilities. Gorelik …
![patch tuesday](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/12093057/patch-tuesday-computers-400x200.jpg)
December 2023 Patch Tuesday: 33 fixes to wind the year down
Microsoft’s December 2023 Patch Tuesday is a light one: 33 patches, only four of which are deemed critical. “This month, Microsoft did not patch any zero-day …
![Java](https://img.helpnetsecurity.com/wp-content/uploads/2023/10/26165425/java-logo-400x200.jpg)
The hidden costs of Java, and the impact of pricing changes
An overwhelming 98% of all the businesses surveyed use Java in their software applications or infrastructure, and 57% of those organizations indicate that Java is the backbone …
![CVE-2023-44487](https://img.helpnetsecurity.com/wp-content/uploads/2023/10/10150116/http2rapidreset-400x200.jpg)
Dangerous vulnerability can be exploited to carry out massive DDoS attacks (CVE-2023-44487)
Cloudflare, Google, and Amazon AWS revealed that a zero-day vulnerability in the HTTP/2 protocol has been used to mount massive, high-volume DDoS attacks, which they dubbed …
![patch Tuesday](https://img.helpnetsecurity.com/wp-content/uploads/2022/11/08204602/patch-tuesday-2022-400x200.jpg)
October 2023 Patch Tuesday forecast: Operating system updates and zero-days aplenty
UPDATE: October 10, 12:10 PM PT – October 2023 Patch Tuesday is now live: Microsoft fixes exploited WordPad, Skype for Business zero-days. September has been a packed …
![patch tuesday](https://img.helpnetsecurity.com/wp-content/uploads/2023/06/12093102/patch-tuesday-yellow-400x200.jpg)
Microsoft, Adobe fix zero-days exploited by attackers (CVE-2023-26369, CVE-2023-36761, CVE-2023-36802)
September 2023 Patch Tuesday is here, with fixes for actively exploited vulnerabilities in Adobe Acrobat and Reader (CVE-2023-26369), Microsoft Word (CVE-2023-36761), and …
![ransomware](https://img.helpnetsecurity.com/wp-content/uploads/2021/08/27135730/ransomware_2_27082021-400x200.jpg)
The ransomware rollercoaster continues as criminals advance their business models
Ransomware shows no signs of slowing, with ransomware activity ending 13 times higher than at the start of 2023 as a proportion of all malware detections, according to …