Patched WinRAR vulnerability remains a favorite tool for hackers and spies

The WinRAR vulnerability tracked as CVE-2025-8088 was discovered and patched in July 2025, but the popular file archiver continues to suffer from its fallout. According to ...

CISA says critical VMware RCE flaw now actively exploited

CISA has flagged a critical VMware vCenter Server vulnerability as actively exploited and ordered U.S. federal agencies to secure their servers within three weeks.
Infosecurity-magazine.com

Five Key Flaws Exploited in 2025's Major Software Supply Chain Incidents

The scale of Common Vulnerabilities and Exposures (CVE) reporting has grown exponentially during 2025, making it another record year in the domain. According to Jerry Gamblin, principal engineer at ...
Yahoo Finance

Software Vulnerabilities Surged 61% in 2024, with Exploits Nearly Doubling, Action1 Report Finds

HOUSTON, May 15, 2025 /PRNewswire/ -- Action1, a leading provider of autonomous endpoint management (AEM) solutions, today released its 2025 Software Vulnerability Ratings Report, revealing a 61% year ...

Microsoft patches actively exploited Office zero-day vulnerability

Microsoft has released emergency security updates to patch a high-severity Office zero-day vulnerability exploited in attacks ...
The Hacker News

Microsoft Office Zero-Day (CVE-2026-21509) - Emergency Patch Issued for Active Exploitation

Microsoft released out-of-band patches for an actively exploited Microsoft Office zero-day, CVE-2026-21509, a security ...
The Hacker News

CISA Updates KEV Catalog with Four Actively Exploited Software Vulnerabilities

CISA added four actively exploited vulnerabilities to its KEV catalog, urging U.S. federal agencies to apply fixes by ...
Microsoft

Case study: Securing AI application supply chains

This case study examines how vulnerabilities in AI frameworks and orchestration layers can introduce supply chain risk. Using ...
Guru3D.com

Samsung Confirms Active Exploitation of High-Severity Vulnerability in SSD Magician Software

Samsung has issued a security warning confirming a serious vulnerability in its Samsung Magician SSD management software that is actively being exploited. The flaw affects Samsung Magician versions ...
Yahoo Finance

Critical vulnerability in SAP NetWeaver under threat of active exploitation

This story was originally published on Cybersecurity Dive. To receive daily news and insights, subscribe to our free daily Cybersecurity Dive newsletter. Security researchers warn that hackers are ...
Infosecurity-magazine.com

SAP Fixes Critical Vulnerability After Evidence of Exploitation

German software company SAP has finally disclosed and fixed a highly critical vulnerability in the NetWeaver Visual Composer development server after evidence of exploitation in the wild. NetWeaver ...
Nature

Software Vulnerability Management and Economic Models

Software vulnerability management has emerged as a cornerstone of modern cybersecurity, combining technical strategies for identifying and patching vulnerabilities with sophisticated economic models ...