Security vulnerabilities stories

Armis offers free access to real-time cyber threat database
Today
#
network security
#
ai
#
cybersecurity
Armis launches free Vulnerability Intelligence Database to help security teams anticipate and tackle cyber threats with real-time, AI-driven insights.

in-toto reaches CNCF graduation, boosting software supply chain
Today
#
supply chain & logistics
#
cybersecurity
#
software development
The Cloud Native Computing Foundation has awarded its highest maturity status to in-toto, a security framework ensuring integrity in software development workflows.

Perforce launches upgraded Puppet to cut cyber risk downtime
Today
#
devsecops
#
ai
#
cybersecurity
Perforce Software updates Puppet Enterprise Advanced to accelerate vulnerability fixes and boost collaboration amid rising cyber threats and AI-driven attacks.

Cycode unveils AI Teammates & real-time runtime protection
Today
#
application security
#
devsecops
#
supply chain & logistics
Cycode launches AI Teammates and CI/MON runtime protection to enhance software supply chain security and threat detection in application security.

Tenable reveals privilege risk in Google Cloud Composer flaw
Today
#
storage
#
cloud security
#
breach prevention
Tenable Research revealed a privilege escalation flaw in Google Cloud Composer, risking unauthorised access to key cloud resources before Google's fix.

Socket acquires Coana to cut false positive security alerts
Today
#
application security
#
cybersecurity
#
security vulnerabilities
Socket has acquired cybersecurity startup Coana to enhance its supply chain security platform, cutting false positives by up to 80% for faster threat remediation.

Lasso introduces first security gateway for MCP workflows
Last week
#
ai security
#
open source
#
genai
Lasso has unveiled its MCP Gateway, the first security tool tailored for Model Context Protocol, aiming to bolster safety in generative AI workflows.

Cobalt report reveals gaps in critical vulnerability fixes
Last week
#
devops
#
cloud security
#
apm
Cobalt's 2025 State of Pentesting Report reveals that 31% of serious security vulnerabilities remain unaddressed, despite 81% of leaders' confidence in their security.

Australian firms move to passkeys as cyber threats bypass MFA
Last week
#
ransomware
#
mfa
#
phishing
Australian organisations face rising cyber threats bypassing MFA, prompting a shift to passwordless authentication and a AUD $288.1 million government security boost.

Microsoft April Patch Tuesday highlights zero-day risks
This month
#
ransomware
#
cybersecurity
#
microsoft
Microsoft's recent Patch Tuesday sparked scrutiny with a 40-minute delay in updates and notable vulnerabilities, including a critical zero-day in the CLFS Driver.

Black Talon Security promotes Paul Murphy to growth role
This month
#
data protection
#
cybersecurity
#
security vulnerabilities
Black Talon Security has elevated Paul Murphy to Chief Growth Officer, aiming to boost strategies and partnerships in the dental and healthcare sectors.

Delving into windows CE, part 3: Introducing Team82’s open-source debugger
This month
#
devops
#
apm
#
software development
Team82 has unveiled an open-source debugger aimed at simplifying the analysis of Windows CE applications, crucial for security researchers in legacy environments.

UK unveils Cyber Security & Resilience Bill advancements
This month
#
advanced persistent threat protection
#
supply chain & logistics
#
risk & compliance
The UK government has unveiled the Cyber Security and Resilience Bill, aiming to bolster protections for critical infrastructure against rising cyber threats.

Research reveals smart TV vulnerabilities threaten networks
Last month
#
iot
#
displays & projectors
#
genai
Research by CYFOX has uncovered critical vulnerabilities in smart TVs that threaten corporate networks, highlighting a broader industry security concern.

Massive attack on GitHub affects over 23,000 repositories
Last month
#
cybersecurity
#
software development
#
security vulnerabilities
A recent cyber attack has compromised over 23,000 GitHub repositories, raising alarms over software supply chain security and the exploitation of trusted components.

GitHub Action compromise affects over 23,000 repositories
Last month
#
open source
#
software development
#
security vulnerabilities
A malicious commit in the tj-actions/changed-files GitHub Action, used in over 23,000 repositories, threatens software security across numerous CI pipelines.

Tenable warns DeepSeek AI model can be breached for malware
Last month
#
malware
#
ransomware
#
genai
Tenable Research has raised alarms over security vulnerabilities in the generative AI model DeepSeek R1, warning it could simplify malware creation.

Nozomi Networks honoured on Fast Company's 2025 list
Last month
#
iot security
#
advanced persistent threat protection
#
physical security
Nozomi Networks has been ranked third in Fast Company's World’s Most Innovative Companies 2025 for its pivotal work in securing critical infrastructure from cyber threats.

JFrog & NVIDIA team up to enhance secure AI deployments
Last month
#
application security
#
advanced persistent threat protection
#
devsecops
JFrog has incorporated NVIDIA NIM microservices into its Software Supply Chain Platform, enhancing secure AI model deployment and streamlining enterprise solutions.

Rising ICS/OT cyber threats due to budgetary imbalances
Last month
#
it training
#
cybersecurity
#
security vulnerabilities
A recent SANS Institute and OPSWAT report reveals serious shortcomings in ICS/OT cybersecurity budgets, with over half of organisations experiencing security incidents last year.