Attack surface management

Most Recent

Related events

AI/ML

Amazon Q extension for VS Code reportedly injected with ‘wiper’ prompt

Laura FrenchJuly 24, 2025

AWS said it removed “unapproved code” affecting the extension and released an updated version.

Update software application and hardware upgrade technology concept, Firmware or Operating System update, Man using computer with comfirm button and percent progress bar screen. Installing app patch.

Attack surface management

Despite increase in vulnerability awareness, patching is gradual

Shaun NicholsJuly 22, 2025

Administrators are taking their time with installing patches, even for known vulnerabilities.

Attack surface management

WordPress spam campaign abuses Google Tag Manager scripts

Laura FrenchJuly 21, 2025

The fileless attack forcibly redirects visitors to a spam site using a hidden script.

Secure Online Payment Transaction Process concept. A person confirming secure online payment using a credit card through a digital interface with a verification tick symbol. Internet banking, fintech,

Attack surface management

Cybercrime set to become the world’s third largest economy

Shaun NicholsJune 30, 2025

Criminal activity could account for $15.6 trillion dollars of economic activity by the year 2029.

Attack surface management

Your risks are unique — Your security should be, too

Bill BrennerJune 25, 2025

The following article summarizes a recent SC webcast discussion between Host Jackie McGuire and Daniel Daraban, Senior Director of Product Management at Bitdefender. They discussed a blueprint for building a security posture that aligns to the specific risk profile of individual organizations.

Attack surface management

The 60,000-plus blind spots your security tools are likely skipping

Jason KaplanJune 12, 2025

If your visibility ends where their reconnaissance begins, you're exposed in ways you may not realize until it’s too late.

Vulnerability Management

Elsa, Redline, ChaosRat, iMessage, Bladed Feline , Aaran Leyland, and More… – SWN #483

June 6, 2025

Elsa, Redline, ChaosRat, iMessage, Bladed Feline , Aaran Leyland, and More on this episode of the Security Weekly News.

Attack surface management

EoL security notice standards advanced by tech vendor coalition

SC StaffMay 1, 2025

SecurityWeek reports that global open standards consortium OASIS had its OpenEoX Technical Committee, composed of Microsoft, Cisco, Oracle, IBM, Dell, and RedHat, issue a draft framework pursuing the standardization of end-of-life security notices for software and hardware offerings amid mounting security risks stemming from outdated systems.

Attack surface management

Related events

Attack Surface Management: Continuous discovery, external attack paths

Salesforce security in a shared responsibility world: Eliminating misconfigurations and drift before they become breaches

Attack Surface Management: Continuous discovery, external attack paths

Amazon Q extension for VS Code reportedly injected with ‘wiper’ prompt

Despite increase in vulnerability awareness, patching is gradual

WordPress spam campaign abuses Google Tag Manager scripts

Cybercrime set to become the world’s third largest economy

Your risks are unique — Your security should be, too

The 60,000-plus blind spots your security tools are likely skipping

Elsa, Redline, ChaosRat, iMessage, Bladed Feline , Aaran Leyland, and More… – SWN #483

EoL security notice standards advanced by tech vendor coalition

Fast Five

Selected by the SC Media Editorial team every Tuesday.