Dark Reading

Microsoft Fixes Exploited Zero Day in Light Patch Tuesday

The actively exploited zero-day bug — and the one therefore that needs high-priority attention — is CVE-2025-62221, which ...

Ivanti warns of critical Endpoint Manager code execution flaw

American IT software company Ivanti warned customers today to patch a newly disclosed vulnerability in its Endpoint Manager ...
The Manila Times

Sonatype Introduces Guide, the Intelligent Solution for Secure Agentic Development

New solution connects generative and agentic AI coding assistants to real-time open source intelligence to optimize development speed, reduce security risk, and automate dependency maintenance.
American Hospital Association

CISA alerts of critical vulnerability impacting free program used for building user interfaces

A critical, unauthenticated remote code execution vulnerability known as React2Shell has been added to the Cybersecurity and ...
Security Boulevard

Sleepless in Security: What’s Actually Keeping CISOs Up at Night

Security headlines distract, but the threats keeping CISOs awake are fundamental gaps and software supply chain risks. Learn why basics and visibility matter most.
InfoWorld

A proactive defense against npm supply chain attacks

Supply chain risk is unavoidable, but not unmanageable. Proactively prevent supply chain attacks by embedding YARA into ...

Your favorite AI tool barely scraped by this safety review - why that's a problem

The Future of Life Institute assigned letter grades to eight leading AI labs to score their safety efforts. The results look ...