The Forum of Incident Response and Security Teams (FIRST) officially launched the fourth version of the Common Vulnerability Scoring System (CVSS 4.0), in November 2023. CVSS 4.0, the industry ...

Forbes contributors publish independent expert analyses and insights. Kate O’Flaherty is a cybersecurity and privacy journalist. U.S. President Donald Trump has cut funding for the global database of ...

Microsoft issued patches for scores of vulnerabilities in its December Patch Tuesday yesterday, including one that is currently being exploited by threat actors. The zero-day flaw, CVE-2024-49138, is ...

Microsoft has released patches for two zero-day vulnerabilities being exploited in the wild, along with fixes for another 57 CVEs on its monthly Patch Tuesday. Satnam Narang, senior staff researcher ...

The cybersecurity world, shocked by the near-shutdown of the CVE system — a quiet crisis that nearly disrupted the backbone of global vulnerability coordination. In cybersecurity, some moments pass ...

Microsoft has patched 49 CVEs in its June 2024 Patch Tuesday release, with this being the second successive month in which less than 60 CVEs were patched. Satnam Narang, senior staff research engineer ...

Apple urgently warned 1.8 billion iPhone and iPad users of two zero-day vulnerabilities under active exploitation in ...

The Exploit Prediction Scoring System has its shortcomings, but it can complement CVSS to help better prioritize and assess vulnerability risk. The Common Vulnerability Scanning System (CVSS) is the ...

Fortinet has warned customers that threat actors are still actively exploiting a critical FortiOS vulnerability that allows ...

Incomplete information included in recent disclosures by Apple and Google reporting critical zero-day vulnerabilities under active exploitation in their products has created a “huge blindspot” that’s ...