Security vulnerabilities stories

Tenable adds OT asset discovery to its exposure platform, giving security teams a single view of cyber-physical risk without extra hardware.

Qualys says attackers are exploiting flaws before disclosure as remediation backlogs swell, with edge devices facing the highest risk.

ExpressVPN expands beyond VPNs with encrypted AI chats, launching ExpressAI on confidential computing enclaves after an audit by cybersecurity firm Cure53.

Akamai says attack volumes in Europe, the Middle East and Africa climbed 36% year on year as APIs and automated DDoS campaigns fuel a sharp surge.

Managing 600+ SonicWall firewalls, Sourcepass turns routine upgrades into a strategic weapon for security, efficiency and client trust.

ActiveState appoints seasoned open source leader Abby Kearns as Chief Executive, sharpening its focus on managed open source security.

Secure.com warns most apps hide critical flaws in open source components, as unpatched dependencies and licence risks leave firms exposed.

Private equity faces rising AI risk as SIG warns fragile software, security and governance are undermining ambitious investment narratives.

As AI tools spread through software teams, rising security flaws and shadow AI use are forcing leaders to tighten guardrails fast.

Survey of 2,000 professionals shows rising Java use in AI and growing migration from Oracle over pricing concerns.

Stop-start app modernisation is blunting enterprise AI returns, as most firms shun continuous upgrades despite rapid AI adoption.

Anthropic unveils Claude Code Security, an AI tool that scans codebases for complex bugs, verifies risks and suggests patches for developers.

Barracuda warns that unpatched firewalls and weak accounts drove 90% of 2025 ransomware attacks, as threats spread in mere hours.

Qodo 2.0 launches multi-agent AI code review to boost trust in autogenerated code, claiming 11% better detection of critical issues.

Developers granting AI agents broad, unsupervised access to code and systems are creating new software supply chain and data exposure risks.

Apex Computing turns firewall upgrades into planned security strategy, helping clients avoid breaches, downtime and costly distressed buys.

LF Energy's audit of the widely used EVerest EV charging stack finds and fixes security flaws, boosting confidence in open source grids.

GitLab releases Duo AI Agent Platform to orchestrate AI across the full DevOps lifecycle, promising faster, governed software delivery.

AI-written code introduces 1.7 times more bugs than human work, a CodeRabbit study warns, with security and performance flaws surging.

Organisations face rising risks from ungoverned non-human identities and AI demands, exposing them to cyber threats, regulatory pressure, and operational disruptions.