Patch/Configuration Management

At RSAC 2025, experts say Secure by Design is delivering real wins — yet unchecked development speed and supply chain risks still threaten progress.

An indisputable security use case for ChatGPT: scouring open-source changelogs for undisclosed vulnerability patches.

Attackers observed exploiting vulnerability in SAP's NetWeaver Visual Composer product.

Threat actors have exploited 159 CVEs during the first three months of 2025, compared with 151 during the last quarter of 2024, with almost a third of vulnerabilities leveraged in attacks within a day of their disclosure, according to The Hacker News.

Widely used workplace time tracking and productivity monitoring software WorkComposer had over 21 million screenshots of employee devices unintentionally leaked by an unprotected Amazon S3 bucket, Cybernews reports.

Major health insurance provider Blue Shield of California has disclosed having sensitive data from 4.7 million individuals inadvertently shared with Google Ads for nearly three years, according to The Record, a news site by cybersecurity firm Recorded Future.

Tenable researchers say “ConfusedComposer” highlights how attackers can exploit cloud service permissions.