vulnerability management
AWS Continuum brings AI models to code vulnerability management
AWS Continuum for code vulnerabilities, a system built to handle a vulnerability across its lifecycle, from discovery through to a fix, is now available in gated preview. It …
The Chainguard Athena coalition already shipped 2,000 patches across 500 open source projects
Chainguard launched Athena, an industry coalition that pools open source vulnerability findings and remediates them under embargo before public disclosure. The group went live …
CISA orders federal agencies to “patch smarter”
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a Binding Operational Directive that will change how the US federal government approaches …
From critical to controlled: Cutting vulnerabilities in a live manufacturing environment
A vulnerability scanner flags a critical CVSS 10 vulnerability on an industrial asset. The report lands in the boss’ inbox and now he wants to know why we’re sitting on a …
Known vulnerabilities behind most application security incidents
Eight in ten organizations took an application security hit during the past year tied to a vulnerability their team had already cataloged, according to a survey of 902 IT and …
Microsoft Defender Vulnerability Management gets a smarter exposure score
Microsoft Defender Vulnerability Management’s updated exposure score model adds vulnerability risk signals and asset context to help teams understand where risk is …
Building a risk-based vulnerability management program that scales
In this Help Net Security video, Shankar Somasundaram, CEO at Asimily, explains how to build a risk-based vulnerability program. He notes that vulnerabilities are exploding by …
Claude now reviews and fixes vulnerabilities as you write code
Anthropic introduced a security-guidance plugin for Claude Code that reviews code changes for common vulnerabilities and helps Claude identify and fix issues during the same …
Verizon DBIR: Vulnerability exploitation is the dominant initial access vector
Vulnerability exploitation has overtaken stolen credentials as the most common way attackers gain initial access to target networks, according to the 2026 Verizon Data Breach …
AI shrinks vulnerability exploitation window to hours
Time has become organizations’ biggest vulnerability because the gap between vulnerability discovery and exploitation has narrowed to hours, according to Synack’s 2026 State …
Linux developers weigh emergency “killswitch” for vulnerable kernel functions
Linux kernel developers are reviewing a proposal for an emergency risk mitigation mechanism (“Killswitch”) that would allow administrators to disable vulnerable …
Claude Mythos finds 271 Firefox flaws, Mozilla believes it shifts security toward defenders
The Mozilla Foundation tested Claude Mythos, an Anthropic AI model that has stirred debate in the cybersecurity community. Before granting access to Mythos, Mozilla scanned …
Featured news
Resources
Don't miss
- Klue breach lead to Salesforce data theft, Huntress affected
- Unauthenticated RCE in Splunk Enterprise under active attack (CVE-2026-20253)
- Your browser tab could become encrypted storage for someone else’s files
- Law enforcement hits SocGholish: 106 servers down, 15,000 sites cleaned
- 74,000 Fortinet firewall credentials exposed in FortiBleed data leak