U.S. federal civilian agencies must patch, disable, or isolate externally reachable critical vulnerabilities within 72 hours as attackers leverage AI for faster exploitation.
31–50% of former employees retain access to unmanaged cloud services because these are not linked to central identity systems and are not automatically disabled when employees leave.
The security filter in Claude 3.5 Sonnet blocks legitimate security requests, limiting its usability for CTOs performing security audits and vulnerability assessments.
A misconfigured API endpoint in ServiceNow allowed unauthenticated access to customer tables — remediation was delayed by more than six weeks after the bug bounty report.
Ubiquiti UniFi OS contains multiple critical security vulnerabilities that can lead to unauthenticated code execution, information disclosure, and privilege escalation.
A 19-year-old validation flaw in the CIFS kernel subsystem allows local attackers to gain root privileges through forged authentication requests and NSS library manipulation.
VerdantBamboo strategically exploits Linux appliances in under-protected network positions as an access bridge to compromise high-value targets and bypass network security mechanisms.
Anthropic calls for an aviation-like regulatory authority or commissioned private auditors to examine AI models for critical risks before their release.
Stormshield launches the SNi50, an OT firewall with network segmentation, protocol inspection, and VPN remote maintenance designed to ensure high availability and NIS2 compliance for critical infrastructure.