Patch/Configuration Management

Most Recent

Related Videos

Security Operations

Microsoft Office bugs exploited by Russia-linked APT28

Steve ZurierFebruary 3, 2026

Experts warn that social engineering lets attackers take advantage of even the lesser-rated vulnerabilities.

CyberArk interviewed 373 IT security executives and other senior management in North America, Europe and the Asia-Pacific as part of its eighth annual Global Advanced Threat Landscape survey. Read more

Threat Intelligence

Vulnerable Asian IIS servers subjected to UAT-8099 targeting

SC StaffFebruary 2, 2026

Chinese-speaking cybercrime operation UAT-8099 has targeted unsecured Internet Information Services servers across Asia, particularly in Thailand and Vietnam, as part of an attack campaign that commenced late last year, reports Cyber Security News.

Data Security

Automated extortion attacks target exposed MongoDB instances

SC StaffFebruary 2, 2026

The attacks exploit misconfigured MongoDB instances accessible without restriction.

Encryption

OpenSSL patches 12 vulnerabilities, including high-severity RCE flaw

SC StaffJanuary 30, 2026

The vulnerabilities primarily stem from memory safety, parsing robustness, and resource handling issues.

IT professional fixing software bug with binary code display

Security Operations

Ivanti patches two 9.8 bugs in Endpoint Manager Mobile

Steve ZurierJanuary 30, 2026

CVE-2026-1281 and CVE-2026-1340 have CVSS scores of 9.8 and have already been exploited.

Patch/Configuration Management

Exploited vulnerabilities drive the most cyber intrusions

SC StaffJanuary 30, 2026

Cisco Talos reported that exploited vulnerabilities were responsible for nearly 40% of all intrusions in the fourth quarter of 2025.

Vulnerability Management

SolarWinds patches critical vulnerabilities in Web Help Desk software

SC StaffJanuary 29, 2026

The patches address four critical vulnerabilities: CVE-2025-40552 and CVE-2025-40554, which allow remote authentication bypass, CVE-2025-40553, a remote code execution (RCE) flaw due to untrusted data deserialization, and CVE-2025-40551, another RCE vulnerability.

Security Operations

Two n8n sandbox escape vulnerabilities allow RCE

Laura FrenchJanuary 29, 2026

The flaws affect the platform’s expression engine and Python Code Node.

Patch/Configuration Management

Related Videos

A couple simple steps companies can take to protect their systems from ransomware

Microsoft Office bugs exploited by Russia-linked APT28

Vulnerable Asian IIS servers subjected to UAT-8099 targeting

Automated extortion attacks target exposed MongoDB instances

OpenSSL patches 12 vulnerabilities, including high-severity RCE flaw

Ivanti patches two 9.8 bugs in Endpoint Manager Mobile

Exploited vulnerabilities drive the most cyber intrusions

SolarWinds patches critical vulnerabilities in Web Help Desk software

Two n8n sandbox escape vulnerabilities allow RCE

Fast Five

Selected by the SC Media Editorial team every Tuesday.