Content Paint
Search
Sign in
Membership

vulnerabilities

Patch Tuesday  | Dec 13, 2023
A December Patch Tuesday recap: Azure Logic Apps, Power Platform get critical fix
A December Patch Tuesday recap: Azure Logic Apps, Power Platform get critical fix

A CVSS 9,8 bug that lets attackers spoof legitimate connectors between Microsoft/Azure services is the pick of the bunch...

 |  Patch Tuesday  | Nov 14, 2023
Three Windows zero days are under attack: Patch up.
Three Windows zero days are under attack: Patch up.

"Loaded by default on just about every version of Windows, so it provides a broad attack surface"

SolarWinds  | Oct 31, 2023
SolarWinds sued by SEC over 2019 monster hack, CISO also charged with fraud, control failures
SolarWinds sued by SEC, SolarWinds CISO also charged with fraud

SolarWinds’ poor controls... false and misleading statements and omissions, and the other misconduct... would have violated the federal securities laws even if SolarWinds had not experienced a major, targeted cybersecurity attack"

Security  | Oct 31, 2023
Citrix Bleed: Two ransomware groups now exploiting bug for initial access
Citrix Bleed: Two ransomware groups now exploiting bug for initial access

Here's what you need to do to reduce the threat posed by CVE-2023-4966. But don't delay.

Security  | Oct 27, 2023
Zero day in free Roundcube webmail service exploited to target governments
Zero day in free Roundcube webmail service exploited to target governments

Despite the low sophistication of the group’s toolset, it is a threat to governments in Europe because... a significant number of internet-facing applications are not regularly updated although they are known to contain vulnerabilities.”

Security  | Oct 17, 2023
CVSS 10 Cisco bug is getting exploited, has no patch
CVSS 10 Cisco bug is getting exploited, has no patch

"We have also seen devices... getting the implant successfully installed through an as of yet undetermined mechanism."

 |  Software  | Oct 11, 2023
Patch Tuesday is 20: Curl fix lands, Skype’s under attack and there’s a wormable pre-auth RCE in the mix
Patch Tuesday is 20: Curl fix lands, Skype’s under attack and there’s a wormable pre-auth RCE in the mix

A CVSS 9.8, pre-auth RCE that lets an attacker execute arbitrary code without user interaction is wormable on systems where Message Queuing is enabled.

 |  Security  | Oct 03, 2023
Buffer overflow bug gives root on potentially millions of Linux boxes
Buffer overflow bug gives root on potentially millions of Linux boxes

Do you, or do you not, need to get your knickers in a twist? Well, that depends on your risk tolerance..

Security  | Sep 01, 2023
Academics warn over "problematic metrics and documentation" in CVSS system
Academics warn over "problematic metrics and documentation" in CVSS system

A study out of Germany has highlighted shortcomings in the CVSS system and the way security vulnerabilities are assessed and scored

Interviews, insight, intelligence, and exclusive events for digital leaders.

© 2026 The Stack
©  2026 The Stack

Search the site
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Great! You've successfully signed up.
Great! You've successfully signed up.
Welcome back! You've successfully signed in.
Success! You now have access to additional content.