Patch/Configuration Management

Related Videos

Researchers publish tool to enhance CISA KEV prioritization

SC StaffFebruary 9, 2026

The paper reveals that only 32% of vulnerabilities in the CISA KEV catalog are immediately exploitable for initial access, challenging the common misconception that it lists the most severe flaws.

Data Security

SQL injection vulnerability found in popular WordPress plugin QSM

SC StaffFebruary 9, 2026

The vulnerability, tracked as CVE-2025-67987, allows any user with a subscriber-level account or higher to inject commands into the database.

concept of leaky software, data with a tap sticking out.3d illustration

Data Security

Millions of servers expose Git metadata, thousands leak credentials

SC StaffFebruary 9, 2026

The study identified approximately 4.96 million IP addresses with publicly accessible .git directories.

The Future of Digital Security A Comprehensive Look at Shield Concepts and Cyber Threat Mitigation Strategies for Protection and Safeguarding Data

Endpoint/Device Security

Emergency patches advised after attacks on Ivanti EPMM devices

Steve ZurierFebruary 9, 2026

Exploited Ivanti EPMM RCEs hit agencies, prompting emergency patching amid fears of global spread.

Application security

Anthropic: Latest Claude model finds more than 500 vulnerabilities

Laura FrenchFebruary 6, 2026

The AI company says all bugs were validated by human researchers to weed out false positives.

(Credit: monticellllo – stock.adobe.com)

Vulnerability Management

Google patches RCE, internal database leak flaws in Looker

Laura FrenchFebruary 6, 2026

Researchers used a crafted Git repo and exploited a race condition to achieve RCE.

Vulnerability Management

n8n vulnerabilities raise takeover risks for AI orchestration users

SC StaffFebruary 5, 2026

Infosecurity Magazine reports that open-source automation platform n8n has been impacted by a pair of maximum severity sandbox escape flaws that could enable total server takeover and credential compromise.

Ransomware

CISA: Ransomware intrusions exploiting VMware ESXi bug ongoing

SC StaffFebruary 5, 2026

BleepingComputer reports that the high-severity VMware ESXi sandbox escape issue, tracked as CVE-2025-22225, was confirmed by the Cybersecurity and Infrastructure Security Agency to have been harnessed in ransomware attacks nearly a year after the flaw was added to the agency's Known Exploited Vulnerabilities catalog.

Patch/Configuration Management

Related Videos

A couple simple steps companies can take to protect their systems from ransomware

Researchers publish tool to enhance CISA KEV prioritization

SQL injection vulnerability found in popular WordPress plugin QSM

Millions of servers expose Git metadata, thousands leak credentials

Emergency patches advised after attacks on Ivanti EPMM devices

Anthropic: Latest Claude model finds more than 500 vulnerabilities

Google patches RCE, internal database leak flaws in Looker

n8n vulnerabilities raise takeover risks for AI orchestration users

CISA: Ransomware intrusions exploiting VMware ESXi bug ongoing

Fast Five

Selected by the SC Media Editorial team every Tuesday.