A file containing personal details of San Diego Police Department employees, including individuals' names and contact information, was made available on the department's website in early January, the ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a high-severity security flaw impacting ...

CISA warned that a Meteobridge vulnerability patched in May has been exploited in attacks and added the flaw to its KEV catalog.

Third time’s the charm?’ asks a prominent security researcher after what appears to be the same critical Java deserialization ...

Fortra GoAnywhere CVE-2025-10035 was exploited a week before disclosure, enabling pre-authentication remote code execution.

WordPress security scanner WPScan’s 2024 WordPress vulnerability report calls attention to WordPress vulnerability trends and suggests the kinds of things website publishers (and SEOs) should be ...

Apache has released a security update to address an important vulnerability in Tomcat web server that could lead to an attacker achieving remote code execution. Apache Tomcat is an open-source web ...

The maker of Passwordstate, an enterprise-grade password manager for storing companies’ most privileged credentials, is urging them to promptly install an update fixing a high-severity vulnerability ...

Explore vulnerability management and remediation solutions for enterprise SSO and CIAM. Learn to protect your systems from cyber threats with effective strategies.

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Renato Losio and a panel of security experts ...

The cracks in the armor of most enterprise websites are many including recurring holes in OpenSSL, PHP, and WordPress and are largely due to a combination of extensive customizations paired with a ...