Many organizations struggle to assess and patch systems fast enough to stay ahead of threats, spurring investment in more aggressive, proactive vulnerability management strategies during the last two years, according to findings in a survey conducted by CRA Business Intelligence in July. Here’s what security practitioners said about challenges they’ve faced in implementing vulnerability management programs in the last two years. Download the full report: Organizations Adopt Aggressive, More Proactive Vulnerability Management Strategies in 2022.
CyberScoop reports that House Homeland Security Committee ranking member Rep. Bennie Thompson, D-Miss., and House Science and Technology Committee ranking member Rep. Zoe Lofgren, D-Calif., have called on the Government Accountability Office to evaluate the Cybersecurity and Infrastructure Security Agency-funded Common Vulnerabilities and Exposures program and the National Institute of Standards and Technology's National Vulnerability Database following recent issues.
Updates have been issued by CoreDNS to fix a high-severity flaw in its DNS-over-QUIC implementation, tracked as CVE-2025-47950, which could be exploited to disrupt DNS servers via stream amplification intrusions, GBHackers News reports.
