CVE News, Articles and Updates

Report: Vulnerability management strategies are flawed

Vulnerability management strategies based on responding to published - and patched - CVE vulnerabilities are fatally flawed, according to a new in-depth report.

Chinese Ministry of State Security caught manipulating critical CVE data

Early warnings arrive late: Newly published research from Recorded Future reveals that China has been manipulating critical vulnerability data, and then back dating CVEs to cover up the evidence.

Cobalt malware leverages recently patched 17-year-old Microsoft flaw

Cobalt malware was documented exploiting the 17-year-old CVE-2017-11882 vulnerability via spam just a few days after researchers noted a similar spam campaign exploiting an RTF documents.

Android tops 2016 vulnerability list. Security industry says "meh!"

The Common Vulnerabilities and Exposures (CVE) statistics for 2016 are in and it doesn't make great reading for Google. Or does it? Davey Winder runs the numbers.

Apple OS X named most vulnerable software of 2015

In addition to being the tech company with the most glitches, Apple's OS X has been labeled the most vulnerable software of 2015.