vulnerability management
Vulnerability reports are arriving faster than GitHub can review them
Across the open source world, people are reporting software flaws in record numbers, and the systems built to verify those reports are straining under the weight. The GitHub …
OpenAI wants AI to fix vulnerabilities, not just find them
OpenAI expanded Daybreak, its cybersecurity initiative that combines AI models, Codex Security, security researchers, maintainers, industry partners, and access controls to …
AWS Continuum brings AI models to code vulnerability management
AWS Continuum for code vulnerabilities, a system built to handle a vulnerability across its lifecycle, from discovery through to a fix, is now available in gated preview. It …
The Chainguard Athena coalition already shipped 2,000 patches across 500 open source projects
Chainguard launched Athena, an industry coalition that pools open source vulnerability findings and remediates them under embargo before public disclosure. The group went live …
CISA orders federal agencies to “patch smarter”
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a Binding Operational Directive that will change how the US federal government approaches …
From critical to controlled: Cutting vulnerabilities in a live manufacturing environment
A vulnerability scanner flags a critical CVSS 10 vulnerability on an industrial asset. The report lands in the boss’ inbox and now he wants to know why we’re sitting on a …
Known vulnerabilities behind most application security incidents
Eight in ten organizations took an application security hit during the past year tied to a vulnerability their team had already cataloged, according to a survey of 902 IT and …
Microsoft Defender Vulnerability Management gets a smarter exposure score
Microsoft Defender Vulnerability Management’s updated exposure score model adds vulnerability risk signals and asset context to help teams understand where risk is …
Building a risk-based vulnerability management program that scales
In this Help Net Security video, Shankar Somasundaram, CEO at Asimily, explains how to build a risk-based vulnerability program. He notes that vulnerabilities are exploding by …
Claude now reviews and fixes vulnerabilities as you write code
Anthropic introduced a security-guidance plugin for Claude Code that reviews code changes for common vulnerabilities and helps Claude identify and fix issues during the same …
Verizon DBIR: Vulnerability exploitation is the dominant initial access vector
Vulnerability exploitation has overtaken stolen credentials as the most common way attackers gain initial access to target networks, according to the 2026 Verizon Data Breach …
AI shrinks vulnerability exploitation window to hours
Time has become organizations’ biggest vulnerability because the gap between vulnerability discovery and exploitation has narrowed to hours, according to Synack’s 2026 State …
Featured news
Resources
Don't miss
- July 2026 Patch Tuesday forecast: Is CVE tracking still practical?
- The open source library holding up your stack might have one maintainer
- Most data brokers won’t tell you what happened to your deletion request
- Microsoft is rewriting Windows patch guidance because of AI
- Extortion crew hijacks Microsoft 365 accounts via fake passkey setup