Patched WinRAR vulnerability remains a favorite tool for hackers and spies

The WinRAR vulnerability tracked as CVE-2025-8088 was discovered and patched in July 2025, but the popular file archiver continues to suffer from its fallout. According to ...
Defense News

The Pentagon must balance speed with safety as it modernizes software

DOD needs to balance expediting its software acquisition process with a better system for gauging prospective vulnerabilities and mitigating harm in the event of an attack, the author of this op-ed ...
Nature

Software Vulnerability Management and Economic Models

Software vulnerability management has emerged as a cornerstone of modern cybersecurity, combining technical strategies for identifying and patching vulnerabilities with sophisticated economic models ...

NIST is rethinking its role in analyzing software vulnerabilities

As the agency’s vulnerability database buckles under a flood of submissions, it’s planning to shift some responsibilities to other parties.
Nature

Software Vulnerability Detection and Similarity Analysis

Software vulnerability detection and similarity analysis are critical fields in cybersecurity, combining advanced static and dynamic analysis techniques to identify security weaknesses in software ...
Morningstar

Software Vulnerabilities Surged 61% in 2024, with Exploits Nearly Doubling, Action1 Report Finds

HOUSTON, May 15, 2025 /PRNewswire/ -- Action1, a leading provider of autonomous endpoint management (AEM) solutions, today released its 2025 Software Vulnerability Ratings Report, revealing a 61% year ...

Microsoft patches actively exploited Office zero-day vulnerability

Microsoft has released emergency security updates to patch a high-severity Office zero-day vulnerability exploited in attacks ...
CSOonline

What’s old is new again: AI is bringing XSS vulnerabilities back to the spotlight

Cross-site scripting vulnerabilities (XSS) have vexed cybersecurity professionals for 30 years. Following a CISA and FBI alert, experts say unless these flaws are fixed soon, AI models may ingest and ...
Business Wire

Vicarius Introduces vuln_GPT: The World’s First LLM Model to Find and Fix Software Vulnerabilities

NEW YORK--(BUSINESS WIRE)--Vicarius, developers of the industry’s first fully autonomous end-to-end vulnerability remediation platform, today announced the launch of vuln_GPT, the world’s first Large ...
SiliconANGLE

Apiiro debuts dynamic software mapping to streamline vulnerability management

Application security posture management company Apiiro Ltd. today announced the launch of Software Graph Visualization, a new feature in its agentic application security platform that provides an ...
Forbes

Google Claims World First As AI Finds 0-Day Security Vulnerability

Google's Big Sleep team uncovers a zero-day vulnerability using AI for the first time. Update, Nov. 05, 2024: This story, originally published Nov. 04, now includes the results of research into the ...