Tag

#vulnerability disclosure

31 stories taggedvulnerability disclosure.

Photoreal news-editorial 16:9 photograph of a modern bank ATM machine viewed from a low angle in a quiet urban street at dusk, the top panel of the machine slig
Vulnerabilities

Nine Security Flaws Found in ATM Encryption Software, and Nobody Agrees How Bad It Is

A researcher found serious bugs in software that locks ATM hard drives. The world's biggest ATM maker says they don't matter. The researcher disagrees. The truth is somewhere uncomfortable.

4 min
Full-frame edge-to-edge photoreal editorial shot of an empty modern office reception desk with a single unmarked intake tray and a locked glass door behind it,
Opinion

The Summer Everyone Launched a Clearinghouse

Vendor announcements have piled up fast. But not every 'clearinghouse' is a fresh idea, and the differences matter more than the marketing suggests.

4 min
Photoreal news-editorial photograph, 16:9 framing, full-frame edge-to-edge composition
AI Security

AI Coding Assistants Fooled by Decades-Old File Trick to Attack Developer Machines

A technique as old as Unix itself let researchers plant hidden traps inside innocent-looking code projects, then watch AI tools quietly rewrite the wrong files while developers clicked 'approve'.

3 min
Full-frame close-up of a modern laptop screen glowing blue in a dim office, showing an abstract Windows security shield icon partly fractured, dust motes catchi
Vulnerabilities

Microsoft patches 'RoguePlanet' Defender flaw after researcher publishes exploit in disclosure spat

The zero-day let attackers hand themselves the keys to a fully patched Windows machine. It was revealed by a researcher publicly feuding with Microsoft.

4 min
Photoreal news-editorial photograph, 16:9 framing, full-frame edge-to-edge composition
Vulnerabilities

A New Citrix NetScaler Flaw Is Already Being Exploited, And It Looks Familiar

A security hole in widely used Citrix network equipment is leaking corporate secrets from memory. Attackers moved within 24 hours of the patch dropping.

3 min
Photoreal, news-editorial style, 16:9 framing, full-frame edge-to-edge composition
Vulnerabilities

Adobe Is Doubling Its Patch Releases — Here's Why That Matters

Starting in July, Adobe will push security fixes twice a month instead of once. Blame faster vulnerability discovery, AI-assisted research, and a threat pace that monthly updates can no longer keep up with.

3 min
Vulnerabilities

Active Exploitation Reported Against Progress Kemp LoadMaster Pre-Auth RCE (CVE-2026-8037)

Threat responders flag in-the-wild attempts against a 9.6-rated OS command injection flaw in the load balancer, days after Progress issued a fixed build.

2 min
AI Security

Dify AI Platform Carried Multi-Tenant Flaws Exposing Private Chats and Internal APIs

Cross-tenant data leakage vulnerabilities in Dify's cloud service let attackers read other users' conversations, preview documents, and probe internal API endpoints.

2 min
Vulnerabilities

Samsung KNOX Use-After-Free Bug Sat in Galaxy Devices for Eight Years Before Patch

A high-severity kernel-level flaw in Samsung's KNOX security framework affected Galaxy handsets from the S9 through the S25 — a product window spanning nearly a decade.

2 min
AI Security

DifyTap: Four Unauthenticated Bugs in Dify Expose Cross-Tenant AI Conversations

Researchers at Zafran say a chain of flaws in the popular agentic workflow platform let attackers read other tenants' chats without logging in.

3 min
Vulnerabilities

Microsoft Acknowledges 'RoguePlanet' Defender Zero-Day, Patch Still in the Works

CVE-2026-50656 is a privilege escalation bug in the Malware Protection Engine — the component sitting at the heart of every Defender install.

2 min
Vulnerabilities

Twenty-Five Orgs Are Quietly Triaging Open-Source Vulns Before You Hear About Them

A coalition called Athena is building shared infrastructure to find, fix, and harden OSS projects in the window between discovery and public disclosure.

2 min
Vulnerabilities

GreatXML's BitLocker Bypass Claim Falls Short — For Now

A pseudonymous researcher dropped an alleged WinRE-based BitLocker exploit days after Patch Tuesday. A respected vulnerability analyst couldn't replicate it. The researcher is already hunting a fix.

3 min
Vulnerabilities

GreatXML Bypasses BitLocker Through a Trusted Recovery Path

A researcher's four-hour weekend project shows how Windows' own offline scan plumbing can sidestep full-disk encryption.

3 min
Vulnerabilities

ServiceNow's Unauthenticated API Endpoint Left Tenant Data Exposed for Months

An API resource shipped with authentication disabled by default. Now enterprises are asking whether the 'security researcher' explanation fully covers what got accessed.

2 min
© 2026 Threat Vectr