vulnerability-management

5 ways to close the ‘exploitability gap’

• aiml
• patchconfiguration-management
• vulnerability-management

5 ways to close the ‘exploitability gap’

Steve Carter May 1, 2026

Here’s a plan for strengthening the company’s vulnerability management program.

Read More Read more about 5 ways to close the ‘exploitability gap’

Decade-old vulnerabilities continue to fuel millions of cyberattacks in the UK

• patchconfiguration-management
• threat-intelligence
• vulnerability-management

Decade-old vulnerabilities continue to fuel millions of cyberattacks in the UK

SC Staff May 1, 2026

Cybercriminals are leveraging outdated and unpatched systems, with a single vulnerability in Hikvision IP cameras reportedly accounting...

Read More Read more about Decade-old vulnerabilities continue to fuel millions of cyberattacks in the UK

Hackers exploit Qinglong vulnerabilities to deploy cryptominers

• patchconfiguration-management
• vulnerability-management

Hackers exploit Qinglong vulnerabilities to deploy cryptominers

SC Staff May 1, 2026

The vulnerabilities, identified as CVE-2026-3965 and CVE-2026-4047, affect Qinglong versions 2.20.1 and older.

Read More Read more about Hackers exploit Qinglong vulnerabilities to deploy cryptominers

Practice by Numbers fixes patient data exposure bug

• data-security
• Privacy
• security-operations
• vulnerability-management

Practice by Numbers fixes patient data exposure bug

SC Staff May 1, 2026

A patient, Joseph R. Cox, discovered the vulnerability, which allowed any user with portal access to view...

Read More Read more about Practice by Numbers fixes patient data exposure bug

Critical cPanel vulnerability actively exploited in the wild

• patchconfiguration-management
• vulnerability-management

Critical cPanel vulnerability actively exploited in the wild

SC Staff April 30, 2026

The vulnerability stems from a Carriage Return Line Feed (CRLF) injection flaw within the login and session...

Read More Read more about Critical cPanel vulnerability actively exploited in the wild

DotNetNuke CMS vulnerability allows server compromise via malicious SVG uploads

• patchconfiguration-management
• vulnerability-management

DotNetNuke CMS vulnerability allows server compromise via malicious SVG uploads

SC Staff April 30, 2026

The flaw, CVE-2026-40321, affects the popular open-source platform built on Microsoft technology.

Read More Read more about DotNetNuke CMS vulnerability allows server compromise via malicious SVG uploads

CISA adds ConnectWise, Microsoft flaws to KEV catalog

• patchconfiguration-management
• vulnerability-management

CISA adds ConnectWise, Microsoft flaws to KEV catalog

Laura French April 30, 2026

The Windows flaw stems from an incomplete patch of a vulnerability exploited by APT28.

Read More Read more about CISA adds ConnectWise, Microsoft flaws to KEV catalog

GitHub vulnerability CVE-2026-3854 allows code execution with a single git push

• patchconfiguration-management
• vulnerability-management

GitHub vulnerability CVE-2026-3854 allows code execution with a single git push

SC Staff April 29, 2026

The vulnerability, CVE-2026-3854, arises from improper handling of special elements within GitHub Enterprise Server.

Read More Read more about GitHub vulnerability CVE-2026-3854 allows code execution with a single git push

Wiz launches Red Agent for AI vulnerability simulation

• aiml
• vulnerability-management

Wiz launches Red Agent for AI vulnerability simulation

SC Staff April 29, 2026

The expansion adds support for Databricks and studio environments, including AWS Agentcore, Gemini Enterprise Agent Platform, and...

Read More Read more about Wiz launches Red Agent for AI vulnerability simulation

The Next Frontier: Autonomous Security and RSAC Interviews from Quantro & SandboxAQ – Mark Hughes, Mehul Revankar, Marc Manzano – BSW #445

• ai-benefitsrisks
• aiml
• vulnerability-management

The Next Frontier: Autonomous Security and RSAC Interviews from Quantro & SandboxAQ – Mark Hughes, Mehul Revankar, Marc Manzano – BSW #445

Matt Alderman April 29, 2026

Read More Read more about The Next Frontier: Autonomous Security and RSAC Interviews from Quantro & SandboxAQ – Mark Hughes, Mehul Revankar, Marc Manzano – BSW #445