Common Vulnerabilities and Exposures (CVE) stories - Page 2

ReliaQuest reveals identity compromises and process flaws, not zero-day exploits, drive most cloud breaches, with 99% of cloud identities still over-privileged.

Rapid7 has added AI-generated risk summaries to its Command Platform, helping security teams speed up prioritisation and remediation of vulnerabilities.

Nearly one-third of CVE entries are unverified, revealing flaws in how organisations assess software security risks and reliance on CVSS scores.

Azul launches its Technology Alliance Partner Program to enhance global Java innovation, boosting performance, security, and cost-efficiency for enterprises.

Preemptive cybersecurity is set to command 50% of IT security spend by 2030, driven by AI and machine learning to counter rising cyber threats, says Gartner.

Ransomware attacks surge to 20 daily incidents in 2025H1, with healthcare facing increased cyber threats and hackers targeting overlooked IoT devices worldwide.

Black Kite has launched its Adversary Susceptibility Index to help firms spot which suppliers are most exposed to specific cyber threat actors, enhancing risk management.

Aqua Security launches Trivy Partner Connect to strengthen the ecosystem around its popular open source security scanner, Trivy, boosting collaboration and innovation.

BackBox 8.0 unifies and automates security and compliance across hybrid networks, helping firms manage on-premise and cloud assets with a single dashboard.

Azul's Intelligence Cloud now cuts Java security false positives by up to 99%, using runtime data to boost vulnerability detection accuracy for DevOps teams.

Azul has launched a Java vulnerability tool that cuts false positives by up to 99%, improving threat detection accuracy for production environments.

Picus Security launches Exposure Validation, a tool using real-time attack simulations to identify which vulnerabilities are truly exploitable in organisations.

IP Fabric launches version 7.2 to enhance firewall visibility and compliance, aiding enterprises in detecting misconfigurations and enforcing security policies.

Red Hat launches Advanced Developer Suite on OpenShift, enhancing developer productivity, AI integration, and application security with new tools and templates.

Red Hat launches Enterprise Linux 10, featuring AI integration, enhanced security with post-quantum cryptography, and hybrid cloud support for enterprises.

Mindgard reveals emoji smuggling can bypass AI guardrails from Microsoft, Meta, Nvidia, and others with up to 100% attack success, raising serious security concerns.

Black Kite launches Vulnerability Intelligence Briefs to help organisations identify and manage third-party cyber risks, enhancing supply chain security.

Minimus launches with USD $51 million to cut 95% of CVEs in software supply chains, offering secure components and faster vulnerability reduction.

Armis launches free Vulnerability Intelligence Database to help security teams anticipate and tackle cyber threats with real-time, AI-driven insights.

US government funding for the crucial CVE cybersecurity programme is set to lapse, raising fears over global vulnerability tracking and defence efforts.