Vulnerabilities
-
Startups
SmarterTools Breached By Own SmarterMail Vulnerabilities
SmarterTools was breached by hackers exploiting a vulnerability in its own SmarterMail software through an unknown virtual machine set up…
-
Bug bounty & rewards
What CISA KEV Is And Isn’t And A Tool To Help Security Teams
A new paper gives an insider's perspective into CISA's Known Exploited Vulnerability catalog – and also offers a free tool…
-
Budgets
Foxit PDF Editor XSS Flaws Patched In February 2026
Foxit Software has released security updates addressing multiple cross-site scripting (XSS) vulnerabilities affecting Foxit PDF Editor Cloud and Foxit eSign, closing gaps that could…
-
Bug bounty & rewards
Security Researcher Finds Exposed Admin Panel For AI Toy
A security researcher investigating an AI toy for a neighbor found an exposed admin panel that could have leaked the…
-
Bug bounty & rewards
Malicious Open Source Software Packages Neared 500k In 2025
Malicious open source software packages have become a critical problem threatening the software supply chain. That's one of the major…
-
Budgets
CISA Adds 5 Enterprise Software Flaws To KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added five enterprise software flaws to its Known Exploited Vulnerabilities (KEV)…
-
Bug bounty & rewards
AI Security Is Top Cyber Concern: World Economic Forum
AI is expected to be “the most significant driver of change in cybersecurity” this year, according to the World Economic…
-
Budgets
Patch Tuesday January 2026: Exploited Zero Day, 8 High-Risk
Microsoft's Patch Tuesday January 2026 update includes fixes for one actively-exploited zero day vulnerability and eight additional high-risk flaws. In…
-
Startups
CISA Warns Of Attacks On PowerPoint And HPE Vulnerabilities
A 16-year-old Microsoft PowerPoint flaw and a new maximum-severity HPE vulnerability are the latest additions to CISA's Known Exploited Vulnerabilities…
-
Bug bounty & rewards
CISA Known Exploited Vulnerabilities (KEV) Soared 20% In 2025
After stabilizing in 2024, the growth of known exploited vulnerabilities accelerated in 2025. That was one conclusion from Cyble's analysis…