CISA added VMware vCenter vulnerability CVE-2024-37079 to its KEV list after confirmed in-the-wild exploitation, urging ...

A new vulnerability database has launched in the EU, in a bid to reduce dependence on the U.S. program. Here's what you need ...

Oracle patches roughly 230 unique CVEs across more than 30 products with its first Critical Patch Update (CPU) released in ...

This Google Chrome vulnerability could leave your apps exposed to attack. You have been warned. Update your browser now.

Exploit code has been published for CVE-2025-64155, a critical command injection vulnerability affecting Fortinet FortiSIEM ...

The CVE security program used to track vulnerabilities in both hardware and software has had its federal funding removed with immediate effect. Apple is one of a number of tech giants who rely on the ...

A new patch fixes six important GitLab flaws ...

CVE funding gets last-minute funding reprieve A MITRE head told CVE board members that government funding is about to expire Some have called the move "reckless and ignorant" US government funding for ...

The patched issues span core standard library components including archive/zip and net/http, as well as security-sensitive ...

Cybersecurity company FuzzingLabs has accused the Y Combinator-backed startup, Gecko Security, of replicating its vulnerability disclosures and backdating blog posts. According to the company, Gecko ...

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...

The Common Vulnerability and Exposures, or CVE, repository holds the answers to some of information security’s most vital questions. Namely, which security issue are we talking about, exactly, and how ...