Common Vulnerabilities and Exposures (CVE) stories

Microsoft's March Patch Tuesday fixes 77 flaws, including a severe SQL Server bug that could grant attackers sysadmin rights remotely.

ControlPlane launches enterprise support for OpenBao as IBM's USD $6.4 billion HashiCorp deal drives demand for open source Vault alternatives.

Wireless flaws have surged 230-fold since 2010, as Bastille warns AI data centres and critical infrastructure face escalating unseen risks.

Acronis warns AI is turbocharging phishing, email attacks and ransomware in 2025, with MSPs and collaboration tools under rising fire.

Simbian launches an AI Pentest Agent that runs continuous, adaptive penetration tests, promising faster, context-aware vulnerability detection.

Data-only extortion soars 11-fold as attackers 'log in instead of break in', abusing remote access tools for faster, stealthier raids.

Cyber group FIRST warns CVE disclosures could smash records in 2026, topping 50,000 and potentially surging towards six figures.

Black Kite launches Product Analysis tool to expose hidden risks in third-party software, from SaaS subdomains to SBOM dependencies.

Codific sees 2026 cybersecurity shaped by shadow AI, passwordless logins, tighter regulation and a sharper focus on software supply chains.

Minimus unveils Image Creator, enabling enterprises to build secure, custom container images with enhanced compliance and reduced vulnerabilities.

ReliaQuest reveals identity compromises and process flaws, not zero-day exploits, drive most cloud breaches, with 99% of cloud identities still over-privileged.

Rapid7 has added AI-generated risk summaries to its Command Platform, helping security teams speed up prioritisation and remediation of vulnerabilities.

Nearly one-third of CVE entries are unverified, revealing flaws in how organisations assess software security risks and reliance on CVSS scores.

Azul launches its Technology Alliance Partner Program to enhance global Java innovation, boosting performance, security, and cost-efficiency for enterprises.

Preemptive cybersecurity is set to command 50% of IT security spend by 2030, driven by AI and machine learning to counter rising cyber threats, says Gartner.

Ransomware attacks surge to 20 daily incidents in 2025H1, with healthcare facing increased cyber threats and hackers targeting overlooked IoT devices worldwide.

Black Kite has launched its Adversary Susceptibility Index to help firms spot which suppliers are most exposed to specific cyber threat actors, enhancing risk management.

BackBox 8.0 unifies and automates security and compliance across hybrid networks, helping firms manage on-premise and cloud assets with a single dashboard.

Azul's new Java security tool cuts false positives by 99%, boosting detection accuracy and helping DevOps teams focus on real risks in production code.

Azul's Intelligence Cloud now cuts Java security false positives by up to 99%, using runtime data to boost vulnerability detection accuracy for DevOps teams.