CSOonline

The nexus of risk and intelligence: How vulnerability-informed hunting uncovers what everything else misses

When you treat vulnerabilities as clues instead of chores, you uncover threats, fix blind spots and finally make your security program work smarter. For years, I watched organizations treat ...
SecurityWeek

Open Source DockSec Uses AI to Cut Through Vulnerability Noise in Docker Images

DockSec correlates findings from container security scanners and uses AI to generate remediation guidance and exact Dockerfile fixes.
CSOonline

Measuring the effectiveness of your vulnerability management program

Over the years there has been lots of discussion and points of view surrounding security metrics and how to measure the effectiveness of a vulnerability management program. In fact, the Center for ...
Dark Reading

Tech Insight: Getting The Most Out Of Third-Party Pen Tests

Penetration testing has become a regular expense for organizations of all sizes. The common problem is that the pen-testing services are not one-size-fits-all, and companies seeking these services don ...
WeLiveSecurity

Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component

ESET researchers examined CVE‑2025‑50165, a serious Windows vulnerability described to grant remote code execution by merely opening a specially crafted JPG file – one of the most widely used image ...
Infosecurity-magazine.com

Google Researchers Claim First Vulnerability Found Using AI

Researchers from Google Project Zero and Google DeepMind have found their first real-world vulnerability using a large language model (LLM). In a November 1 blog post, Google Project Zero researchers ...
Searchenginejournal.com

Data Confirms A Surge In WordPress Vulnerabilities

WordPress security researchers at Patchstack published their annual State of WordPress Security whitepaper that showed an increase of high and critical severity vulnerabilities, highlighting the ...