Tenable-Blog
CVE-2025-64446: Fortinet FortiWeb Zero-Day Path Traversal Vulnerability Exploited in the Wild
Cybersecurity Awareness Month Is for Security Leaders, Too
Think you know all there is to know about cybersecurity? Guess again. Shadow AI is challenging security leaders with many of the same issues raised by other “shadow” technologies. Only this time, it’s evolving at breakneck speed.
Oracle October 2025 Critical Patch Update Addresses 170 CVEs
Oracle addresses 170 CVEs in its final quarterly update of 2025 with 374 patches, including 40 critical updates.
Cybersecurity Snapshot: F5 Breach Prompts Urgent U.S. Gov’t Warning, as OpenAI Details Disrupted ChatGPT Abuses
F5’s breach triggers a CISA emergency directive, as Tenable calls it “a five-alarm fire” that requires urgent action. Meanwhile, OpenAI details how attackers try to misuse ChatGPT. Plus, boards are increasing AI and cyber disclosures. Und noch viel mehr!
F5 BIG-IP Breach: 44 CVEs That Need Your Attention Now
Partnering with an EDR vendor after a nation-state has already stolen your source code isn’t innovation — it’s a gamble. You don’t build a fire extinguisher while the house is burning. You find every spark before it becomes the next inferno.Key takeaways:F5’s BIG-IP is used to secure everything…
Tenable Discovers Critical Vulnerabilities in SimpleHelp Tool: CVE-2025-36727 and CVE-2025-36728
Tenable Research found two flaws in SimpleHelp’s remote-support tool that can be chained together to gain remote code execution on clients' devices. SimpleHelp has patched them: CVE-2025-36728 in version 5.5.11 and CVE-2025-36727 in version 5.5.12.
Frequently Asked Questions About The August 2025 F5 Security Incident
Frequently asked questions about the August 2025 security incident at F5 and the release of multiple BIG-IP product patches.
Die menschliche Dimension von Cyberrisiken: Wie Exposure Management Burnout in Sicherheitsteams entgegenwirken kann
Den tatsächlichen Preis für Cyberrisiken zahlen Mitarbeiter: Isolierte Tools und unzusammenhängende Abläufe bringen nicht nur Unternehmen in Gefahr, sie stellen auch eine echte Belastung für Teams dar. Es ist längst an der Zeit, Reibungspunkte im Cybersecurity-Bereich zu beseitigen – durch einen einheitlichen, proaktiven Ansatz.
Microsoft’s October 2025 Patch Tuesday Addresses 167 CVEs (CVE-2025-24990, CVE-2025-59230)
Microsoft addresses 167 CVEs in its largest Patch Tuesday to date, including three zero-day vulnerabilities, two of which were exploited in the wild.
Relying on EDR for Exposure Management? Here’s What You Need to Know
Endpoint detection and response tools may serve you well when it comes to handling incident response. But, when used for exposure management, they can leave you blind to large portions of your attack surface.
Vertriebsteam kontaktieren