SecurityWeek

CISA Warns of Exploited SolarWinds, Notepad++, Microsoft Vulnerabilities

CISA has expanded its KEV catalog with new SolarWinds, Notepad++, and Apple flaws, including two exploited as zero-days.

One threat actor responsible for 83% of recent Ivanti RCE attacks

Threat intelligence observations show that a single threat actor is responsible for most of the active exploitation of two ...
Infosecurity-magazine.com

NIST Confusion Continues as Cyber Pros Complain CVE Uploads Stalled

A recent rise in software vulnerability exploits has come as the US National Vulnerability Database (NVD), the world’s most comprehensive vulnerability database, experiences its most significant ...
Security Boulevard

The CVE Treadmill: Why You Can’t Patch Your Way to Security

Patching alone no longer stops breaches. Learn why CVE-based vulnerability management is failing and how runtime visibility reveals what’s truly exploitable in your environment.
Business Wire

VulnCheck to Support the CVE Program Through Potential Contract Transition

LEXINGTON, Mass.--(BUSINESS WIRE)--VulnCheck, the exploit intelligence company, today pledged its full support behind MITRE and the decades’ worth of positive contributions that MITRE has made to the ...
Dark Reading

Delinea Joins CVE Numbering Authority Program

SAN FRANCISCO--(BUSINESS WIRE)--Delinea, a pioneering provider of solutions for securing identities through centralized authorization, today announced it has been authorized by the Common ...
heise online

US cuts: CVE list could stop immediately

The mother of all vulnerability databases, the MITRE Corporation's Common Vulnerabilities and Exposures (CVEs), could go offline in the next few hours. This is because the US government is not ...