Exposure managementReact2Shell ransomware: Weaxor deployed on vulnerable serverLaura FrenchDecember 19, 2025Attackers deployed Weaxor ransomware less than a minute after initial access.
Exposure managementCVSS 10.0 HPE OneView RCE bug identified – patch now!Steve ZurierDecember 18, 2025Experts say OneView manages the whole data center, so teams should expect an exploit of this RCE very soon.
Exposure managementDefault WAF rules fail to block most major exploits, study findsLaura FrenchDecember 18, 2025Vendors take an average of 41 days to publish CVE-specific rules, according to Miggo Security.
Exposure managementFortinet FortiGate firewalls actively exploited after disclosureSteve ZurierDecember 17, 2025Experts say teams must patch right away as time to exploit gets shorter and shorter.
Exposure managementThree ways teams can tackle Iran’s tangled web of state-sponsored espionageSaher NaumaanDecember 17, 2025The lines are blurring between Iran’s many state-sponsored threat groups – here’s what to do about it.
Exposure managementJumpCloud agent vulnerability risks Windows privilege escalationLaura FrenchDecember 17, 2025The JumpCloud uninstaller can be exploited to escalate privileges to system.
Exposure managementBeyond the noise: Distinguishing everyday risk from actual exposure with exposure managementPaul WagenseilDecember 17, 2025CVSS base scores aren't designed to measure risk. But exposure-management platforms offer tailored, holistic risk scores that let organizations prioritize remediation accurately.
Threat ManagementAmazon: Russian threat actors focus more on targeting cloud misconfigurationsSteve ZurierDecember 16, 2025Threat actors reduce exposure and save money by targeting cloud misconfigurations instead of software zero-days.