Security vulnerabilities stories

Only 16% of organisations find their software testing effective amidst AI integration, revealing significant challenges and a need for better test practices.

A Leapwork survey reveals only 16% of firms find their software testing efficient, despite 85% having integrated AI, uncovering widespread performance issues.

Report reveals grave cybersecurity flaws, with 97% of Non-Human Identities having excessive privileges and 44% of tokens exposed.

HackerOne has introduced Essential VDP, aiming to aid organisations in handling security vulnerabilities and meeting compliance standards.

Microsoft's September Patch Tuesday addresses 79 vulnerabilities, including four critical RCEs and bugs with in-the-wild exploitation. Surprisingly, no browser patches yet.

Opus Security unveils its AI-powered Advanced Multi-Layered Prioritization Engine, revolutionising how organisations manage and address vulnerabilities.

HackerOne has unveiled its first channel partner programme, PartnerOne, to expand global access to its human-powered cybersecurity solutions, involving key partners like GuidePoint Security and Softcat.

Revenera launches OSS Inspector for IntelliJ IDEA, helping developers identify open source software risks directly in their IDE, ensuring secure, compliant code.

Tenable unveils new features in Tenable Nessus, enhancing risk prioritisation with EPSS and CVSS v4 for improved vulnerability management and compliance.

Only 20.8% of finance professionals have stressed exit plans with suppliers, despite DORA recommendations, highlighting a key vulnerability exposed by a recent CrowdStrike outage.

GitLab unveils GitLab Duo Enterprise at USD $39 per user/month, offering AI-driven enhancements for secure, efficient software development to Ultimate customers.

Akamai’s data shows a surge in cyber threats aimed at the gaming industry in 2024, with bot activity, web attacks, and DDoS attacks reaching record highs.

Capital.com launches a public bug bounty programme on Intigriti to enhance cybersecurity. The programme invites global researchers and ethical hackers to earn rewards for identifying vulnerabilities.

Newcastle City Council has tackled major security vulnerabilities by replacing Oracle JDK 8 with Azul Platform Core, securing mission-critical Java applications.

Australian firms must enhance cyber defences by integrating technology with skilled personnel and robust processes, amid rising AI-driven threats, reports Logicalis.

Microsoft's August Patch Tuesday fixes 88 vulnerabilities, with evidence of in-the-wild exploitation and public disclosure for 10 of them.

Security experts underscore the importance of immediate remediation for vulnerabilities to mitigate risks and protect organisational assets.

Directed Technologies acquires Sofihub to bolster fleet safety solutions and expand into assisted living tech, enhancing services for fleet managers and vulnerable users.

Tenable releases new Vulnerability Intelligence and Exposure Response tools to aid IT and cloud environments in prioritising and addressing critical security threats.

Elastic Security Labs unveils critical flaws in Microsoft's Smart App Control and SmartScreen, exposing vulnerabilities that allow attackers to bypass security protocols with minimal user interaction.