The Hacker News

Zoom and GitLab Release Security Updates Fixing RCE, DoS, and 2FA Bypass Flaws

Zoom and GitLab have released security updates to resolve a number of security vulnerabilities that could result in denial-of ...
CSO Online

Vulnerability prioritization beyond the CVSS number

A vulnerability in a tightly isolated sandbox may score a 9.8 but never affect anything else. Meanwhile, a 5.2 in a single ...
The Hacker News

Cisco Fixes Actively Exploited Zero-Day CVE-2026-20045 in Unified CM and Webex

Cisco fixes actively exploited CVE-2026-20045 zero-day enabling unauthenticated RCE in Unified CM and Webex; CISA sets Feb 11, 2026 deadline.
Dark Reading

Microsoft Starts 2026 With a Bang: A Freshly Exploited Zero-Day

Among them is a zero-day vulnerability in Desktop Window Manager (DWM) designated as CVE-2026-20805 (CVSS score: 5.5), which ...
Infosecurity-magazine.com

Beyond the Score: Rethinking Vulnerability Management in a Contextual Era

Picture the scenario: you log into your vulnerability management dashboard on a Monday morning. The scan ran overnight, and the report lights up with a dozen new high-severity CVEs. One stands out ...
SecurityWeek

Fortinet Patches Critical Vulnerabilities in FortiFone, FortiSIEM

Fortinet patches six vulnerabilities, including critical flaws in FortiFone and FortiSIEM leading to configuration leak and ...
Dark Reading

Microsoft Patches 137 CVEs in July, but No Zero-Days

In a break from recent months, Microsoft's security update for July contains no zero-day bugs. But with 137 newly disclosed vulnerabilities, including one that has been publicly disclosed already, it ...
Hosted on MSN

Vulnerability scores, huh, what are they good for? Almost nothing

Aram Hovespyan, co-founder and CEO of security biz Codific, says that the rating systems for identifying security vulnerabilities and assessing threat risk need to be overhauled.… Having examined the ...