Microsoft's total vulnerability count stayed steady in 2025, but critical flaws surged year over year. BeyondTrust breaks ...

The European Union Agency for Cybersecurity (Enisa) has debuted a European Union Vulnerability Database (EUVD) to provide “aggregated, reliable and actionable” information on newly disclosed cyber ...

For the first time in its publication history of nearly 20 years, Verizon's annual Data Breach Investigations Report (DBIR) is tracking vulnerability exploitation as the leading initial access method ...

Verizon’s 2026 DBIR shows vulnerability exploitation, AI-enabled attacks, third-party risk, and ransomware are reshaping ...

The four flaws in the rapidly growing AI agent framework allow attackers to steal credentials, escalate privileges, and ...

Threat actors are exploiting CVE-2026-42945, a critical NGINX vulnerability that leads to remote code execution if ASLR is ...

Over the weekend, security experts were beginning to panic. MITRE announced that the US government had not renewed funding for the Common Vulnerabilities and Exposures (CVE) database. MITRE VP Yosry ...

An unpatched vulnerability in ChromaDB could be exploited without authentication for remote code execution and server ...

Get the latest federal technology news delivered to your inbox. Despite goals set last year by the National Institute of Standards and Technology to process a backlog of unanalyzed cybersecurity ...

Juhan Lepassaar, Executive Director at ENISA. Image: Hubert Burda Media/Flickr The announcement comes after concerns that the US government would stop funding the operations of MITRE, the nonprofit ...

After the U.S. government initially cut its funding of the CVE database, used to track security vulnerabilities in operating systems and software, CISA has said it will continue to be funded for ...