CSO Online

Vulnerability prioritization beyond the CVSS number

A vulnerability in a tightly isolated sandbox may score a 9.8 but never affect anything else. Meanwhile, a 5.2 in a single ...
Techzine EuropeOpinion

From vulnerability whack-a-mole to strategic risk operations

Qualys VP Alex Kreilein explains why counting vulnerabilities fails and how VEX-enhanced SBOMs enable true risk operations ...
JD Supra

Here Are the Five Top Security Threats from 2025

Threat actors had another banner year in 2025. As we head into 2026, looking back on the five top security threats of 2025 may inform our strategy and budgeting for 2026 to prepare for the continued ...
Forbes IndiaOpinion

Cyber risk in the boardroom: Why judgment matters more than numbers

Cybersecurity resilience depends on leadership judgment, supply chain awareness and strong governance to handle black swan ...
Bleeping Computer

IBM warns of critical API Connect auth bypass vulnerability

IBM urged customers to patch a critical authentication bypass vulnerability in its API Connect enterprise platform that could allow attackers to access apps remotely. API Connect is an application ...
CSO Online

For application security: SCA, SAST, DAST and MAST. What next?

If you think SAST and SCA are enough, you’re already behind. The future of app security is posture, provenance and proof, not ...
The National Law Review

Here Are the Five Top Security Threats from 2025

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up for any (or all) of our 25+ Newsletters. Some states have laws and ethical rules regarding solicitation and ...
Bleeping Computer

Exploited MongoBleed flaw leaks MongoDB secrets, 87K servers exposed

A severe vulnerability affecting multiple MongoDB versions, dubbed MongoBleed (CVE-2025-14847), is being actively exploited in the wild, with over 80,000 potentially vulnerable servers exposed on the ...