No rest for project maintainers battered by slew of vulnerability disclosures The US Cybersecurity and Infrastructure Security Agency (CISA) has confirmed that hackers are exploiting a max-severity ...

CISA has expanded the Known Exploited Vulnerabilities catalog with three bugs targeted by the nation-state-grade Coruna iOS exploit kit.

Firmware security research company Binarly has discovered four new vulnerabilities affecting the UEFI (Unified Extensible Firmware Interface) on multiple Gigabyte motherboards. The vulnerabilities ...

In an attempt to reduce the use of sensationalized and scary vulnerability names, the CERT/CC team launched a Twitter bot that will assign random and neutral names to every security bug that receives ...

The funding crisis that nearly shut down the global vulnerability tracking system last year has quietly been resolved, easing fears of another abrupt disruption to a cornerstone of the cybersecurity ...

The US Department of Homeland Security's Cybersecurity and Infrastructure Agency (CISA) has taken over responsibility for assigning Common Vulnerability Enumeration (CVE) identifiers for software ...

Critics say the The Common Vulnerabilities and Exposures (CVE) program, managed by MITRE, is falling far behind in its mission to catalog and identify all known vulnerabilities. Its defenders say a ...