Vulnerability

Mythos and the AI Vulnerability Storm: Exploring the Control Point

AndyC 17 April 2026

The post Mythos and the AI Vulnerability Storm: Exploring the Control Point appeared first on 2024 Sonatype Blog. The Inflection...

Unlocking foundational visibility for cyber-physical systems with OT vulnerability management

AndyC 16 April 2026

The post Unlocking foundational visibility for cyber-physical systems with OT vulnerability management appeared first on Tenable Blog. Stop managing risk...

Unlocking foundational visibility for cyber-physical systems with OT vulnerability management

AndyC 16 April 2026

The post Unlocking foundational visibility for cyber-physical systems with OT vulnerability management appeared first on Tenable Blog. Stop managing risk...

Unlocking foundational visibility for cyber-physical systems with OT vulnerability management

AndyC 16 April 2026

The post Unlocking foundational visibility for cyber-physical systems with OT vulnerability management appeared first on Tenable Blog. Stop managing risk...

Vendor News

The vulnerability flood is here. Here’s what it means – and how to prepare

AndyC 11 April 2026

Last week, Thomas Ptacek published a piece arguing that vulnerability research is cooked. His thesis: AI agents are about to...

Can managers feel relieved with Agentic AIs handling security

Breaking the Patch Sound Barrier: Your Vulnerability Remediation Will Not Keep Up With AI Exploit…

AndyC 11 April 2026

Breaking the Patch Sound Barrier: Your Vulnerability Remediation Will Not Keep Up With AI Exploit Speed. So? Many years ago while...

Anthropic Claude Mythos Will Break Vulnerability Management

AndyC 11 April 2026

Anthropic’s latest AI Model, Claude Mythos, will break the cybersecurity vulnerability management operational models. Mythos is so good at discovering...

New Fortinet Flaw Allows Unauthorized Access to Enterprise Systems

AndyC 7 April 2026

image: envato by GoldenDayz Fortinet disclosed a critical FortiClient EMS vulnerability that is already being exploited in the wild. The...

US tech sector lost jobs in March, stalling growth

CVE-2026-35616: Fortinet FortiClientEMS improper access control vulnerability exploited in the wild

AndyC 7 April 2026

Exploitation has been observed for CVE-2026-35616, a critical improper access control zero-day vulnerability affecting Fortinet FortiClientEMS devices. Key takeaways:...

Smashing Security podcast #461: This man hid 0 million in a fishing rod. Then it vanished

Smashing Security podcast #461: This man hid $400 million in a fishing rod. Then it vanished

AndyC 2 April 2026

A cannabis-growing, beekeeping, gyrocopter-flying Irishman invested his drug money in Bitcoin back in 2011 – and now sits on a...

VRP 2025 Year in Review

AndyC 1 April 2026

Posted by Dirk Göhmann, Tony Mendez, and the Vulnerability Rewards Program Team2025 marked a special year in the history of...

OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability

AndyC 31 March 2026

A previously unknown vulnerability in OpenAI ChatGPT allowed sensitive conversation data to be exfiltrated without user knowledge or consent, according...

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

AndyC 21 March 2026

Trivy, a popular open-source vulnerability scanner maintained by Aqua Security, was compromised a second time within the span of a...

Microsoft Authenticator Flaw on Android, iOS Could Leak Login Codes for Millions

AndyC 14 March 2026

Image: Aminu Abdullahi/TechRepublic A newly discovered vulnerability in Microsoft Authenticator could expose sensitive login codes to malicious apps on the...

Security Flaw in WordPress Plugin Puts 400,000 Websites at Risk

AndyC 13 March 2026

Image: Adobe A vulnerability in a widely used WordPress accessibility plugin could allow attackers to steal sensitive data from affected...

Vulnerability

Mythos and the AI Vulnerability Storm: Exploring the Control Point

Unlocking foundational visibility for cyber-physical systems with OT vulnerability management

Unlocking foundational visibility for cyber-physical systems with OT vulnerability management

Unlocking foundational visibility for cyber-physical systems with OT vulnerability management

The vulnerability flood is here. Here’s what it means – and how to prepare

Breaking the Patch Sound Barrier: Your Vulnerability Remediation Will Not Keep Up With AI Exploit…

Anthropic Claude Mythos Will Break Vulnerability Management

New Fortinet Flaw Allows Unauthorized Access to Enterprise Systems

CVE-2026-35616: Fortinet FortiClientEMS improper access control vulnerability exploited in the wild

Smashing Security podcast #461: This man hid $400 million in a fishing rod. Then it vanished

VRP 2025 Year in Review

OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Security Flaw in WordPress Plugin Puts 400,000 Websites at Risk

Protecting legacy OT systems against modern cyberthreats

Lessons for life: Why children’s data is a long-term identity risk

This month in security with Tony Anscombe – May 2026 edition

ESET APT Activity Report Q4 2025–Q1 2026

What to consider before asking an AI chatbot for health advice

BTMOB: A stealthy RAT burrowing deep into Android devices

Donate Bitcoin to this address

Donate Ethereum to this address

Smashing Security podcast #472: AI gets hacked, and BitLocker gets bypassed

Smashing Security podcast #472: AI gets hacked, and BitLocker gets bypassed

Smashing Security podcast #472: AI gets hacked, and BitLocker gets bypassed

Smashing Security podcast #472: AI gets hacked, and BitLocker gets bypassed

Smashing Security podcast #472: AI gets hacked, and BitLocker gets bypassed

Donate Bitcoin to this address

Donate Ethereum to this address

You may have missed