Common Vulnerabilities and Exposures (CVE) stories

BackBox 8.0 unifies and automates security and compliance across hybrid networks, helping firms manage on-premise and cloud assets with a single dashboard.

Security researcher Rapid7 has uncovered 8 vulnerabilities in 742 printer models from Brother, FUJIFILM, Ricoh, and Toshiba, with fixes now available.

Azul's new Java security tool cuts false positives by 99%, boosting detection accuracy and helping DevOps teams focus on real risks in production code.

Azul’s Intelligence Cloud now cuts Java security false positives by up to 99%, using runtime data to boost vulnerability detection accuracy for DevOps teams.

Azul has launched a Java vulnerability tool that cuts false positives by up to 99%, improving threat detection accuracy for production environments.

Picus Security launches Exposure Validation, a tool using real-time attack simulations to identify which vulnerabilities are truly exploitable in organisations.

IP Fabric launches version 7.2 to enhance firewall visibility and compliance, aiding enterprises in detecting misconfigurations and enforcing security policies.

Red Hat launches Advanced Developer Suite on OpenShift, enhancing developer productivity, AI integration, and application security with new tools and templates.

Red Hat launches Enterprise Linux 10, featuring AI integration, enhanced security with post-quantum cryptography, and hybrid cloud support for enterprises.

Mindgard reveals emoji smuggling can bypass AI guardrails from Microsoft, Meta, Nvidia, and others with up to 100% attack success, raising serious security concerns.

Black Kite launches Vulnerability Intelligence Briefs to help organisations identify and manage third-party cyber risks, enhancing supply chain security.

Minimus launches with USD $51 million to cut 95% of CVEs in software supply chains, offering secure components and faster vulnerability reduction.

Armis launches free Vulnerability Intelligence Database to help security teams anticipate and tackle cyber threats with real-time, AI-driven insights.

US government funding for the crucial CVE cybersecurity programme is set to lapse, raising fears over global vulnerability tracking and defence efforts.

CISA extends its contract with MITRE for another 11 months at USD $44 million, securing the critical CVE vulnerability programme amid funding concerns.

Concerns rise as MITRE's contract to manage the CVE vulnerability database nears expiry, risking disruption to global cybersecurity infrastructure.

US government funding for MITRE's CVE programme has expired, risking disruption to global cybersecurity efforts and vulnerability tracking systems.

Healthcare providers in Australia and New Zealand face growing cyber threats, with legacy medical devices proving vulnerable due to outdated security measures.

Microsoft's recent Patch Tuesday sparked scrutiny with a 40-minute delay in updates and notable vulnerabilities, including a critical zero-day in the CLFS Driver.

Zscaler's 2025 ThreatLabz VPN Risk Report reveals soaring VPN usage in Australia but warns of heightened security risks, urging a shift to Zero Trust architectures.