Security vulnerabilities remain the most common entry point for cyber attacks. This section tracks newly discovered CVEs, zero-day vulnerabilities, and actively exploited flaws affecting enterprise infrastructure, cloud environments, and software supply chains.
81 articles
Chrome’s preloading feature, designed to enhance browsing speed, can inadvertently expose enterprise data and trigger security tools, raising concerns for CISOs about operational risks and privacy.
ClickFix campaigns now exploit the nslookup utility to deliver payloads hidden in DNS responses, bypassing traditional PowerShell defenses.
The Acer Swift Edge 14’s use of last-gen hardware raises questions for CISOs managing device lifecycles in 2026. Explore risk exposure and strategy.
QR-based attacks are surging, leveraging deep links and shorteners for stealthy social engineering and mobile compromises. CISOs must understand the changing quishing landscape.
Apple has issued a critical patch for a zero-day exploited in the wild across iOS, macOS, and more. CISOs must assess exposure and act swiftly.
Microsoft's February Patch Tuesday resolves 59 CVEs, including six zero-days actively exploited in the wild. CISOs should act quickly.
VoidLink, a modular Linux malware framework, is being used by UAT-9921. CISOs should assess visibility and controls around cloud and hybrid Linux-based assets.
Advanced AI-powered smart cameras like EufyCam S3 Pro blur the line between security and surveillance. CISOs must assess emerging risks and governance gaps.
Samsung’s Galaxy Book6 Ultra offers potent hardware upgrades for enterprise use. But its adoption raises performance, governance, and supplier trust issues.
New research links specific MITRE techniques to unique cloud alert patterns by threat actors. CISOs can use this for proactive industry-focused defense.
CrowdStrike Falcon delivered 100% detection and protection accuracy in SE Labs’ October 2025 ransomware test, marking four consecutive perfect scores.
Browser extension changes in Manifest v3 broke legacy threat protections. Malwarebytes re-engineered Browser Guard, and CISOs must understand the implications.