
110 matches found

CISA
added 2026/06/16 12:0 p.m., 6 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-48907 Widget Factory Joomla Content Editor Improper Access Control Vulnerability. This type of vulnerability is a frequent attack vector for...

CVSS: 10, AI score: 5.5, EPSS: 0.80425
In wild, Exploits: 15, References: 7
Wiz blog
added 2026/06/12 12:0 p.m., 16 views

Navigating the New Federal Logging Mandate | OMB Memorandum M-26-14

The White House Memorandum puts in place an “adaptive framework,” where agencies make risk-based, prioritized logging decisions...

AI score: 5.2
Exploits: 0
Qualys Blog
added 2026/06/10 7:40 p.m., 15 views

How Federal Agencies Can Activate a Risk Operations Center (ROC) to Meet CISA BOD 26-04

Executive Summary: Recognizing the ability of Frontier AI models to discover and exploit vulnerabilities at unprecedented speed and scale, CISA's Binding Operational Directive (BOD) 26-04 marks a significant shift in federal vulnerability management. The directive introduces aggressive mandates,...

AI score: 5.5
Exploits: 0
Packet Storm News
added 2026/06/01 12:0 a.m., 7 views

SeClaw: Spec-Driven Security Task Synthesis for Evaluating Autonomous Agents

Autonomous LLM agents increasingly operate in stateful environments where they access tools, files, memory, and external services. While such capabilities enable complex real-world workflows, they also introduce security risks that are difficult to capture with existing evaluations. Current agent...

AI score: 5.9
Exploits: 0
Talos Blog
added 2026/05/28 6:0 p.m., 10 views

Less panic patching, more precision

Welcome to this week's edition of the Threat Source newsletter. Recently, Martin closed his introduction with a warning: Ready or not, the time of much patching is coming. I've been chewing on that one for a while because I'm rethinking my own enrichment pipelines along these lines, and the...

AI score: 5.9
Exploits: 0
Wiz blog
added 2026/04/27 10:33 a.m., 8 views

NIST NVD Update: What it Means For Vulnerability Management

The shift from static CVE scoring to risk-based prioritization signals a new era for Vulnerability Managers...

AI score: 5.2
Exploits: 0
hivepro
added 2026/04/23 9:2 a.m., 5 views

The Backlog Became Policy

In February, we called the gap between CVE disclosure and scanner signatures the "breach zone." On April 15, 2026, NIST made that gap permanent — and signatureless detection stopped being an advantage. It became a requirement. This post updates Attackers Don't Need Signatures. Neither Should Yo...

AI score: 5.8
Exploits: 0
Qualys Blog
added 2026/04/15 6:2 p.m., 12 views

Qualys VMDR and TotalCloud™ Now Available on Oracle Cloud Marketplace

Key Takeaways: Qualys VMDR and TotalCloud are now available on the Oracle Cloud Marketplace, simplifying procurement and deployment for Oracle Cloud Infrastructure (OCI) customers. Organizations can deploy security faster with native OCI integration and one-click provisioning. The combined platform...

AI score: 5.8
Exploits: 0
hivepro
added 2026/04/15 7:3 a.m., 6 views

What Is a Risk-Based Vulnerability Management Platform?

A vulnerability scanner tells you where the cracks are in your defenses, but it doesn't tell you which ones an attacker will actually use. To truly understand your exposure, you need to see your network from their perspective. How can a low-severity flaw on one server be combined with a...

AI score: 5.8
Exploits: 0
hivepro
added 2026/04/15 6:55 a.m., 6 views

What Is a Risk-Based Vulnerability Management Tool?

Your security team is talented, but they aren't miracle workers. With a persistent skills shortage and ever-tightening budgets, asking them to patch every single vulnerability is not just unrealistic; it's inefficient. Chasing low-risk issues wastes valuable time and leads to burnout, all while...

AI score: 5.7
Exploits: 0
hivepro
added 2026/04/12 7:23 a.m., 2 views

The Complete Vulnerability Management Lifecycle: A 6-Stage Framework for Proactive Security

The National Vulnerability Database adds over 2,000 new CVEs every month. No security team can patch them all, and trying to do so is a fast track to burnout. The organizations that stay ahead of breaches aren't the ones that scan the most. They're the ones that follow a structured, repeatable...

AI score: 5.8
Exploits: 0
Qualys Blog
added 2026/04/09 3:0 p.m., 9 views

12 Best Practices for Securing AWS Cloud in 2026

Key Takeaways: Securing AWS cloud in 2026 depends on continuous, risk-based governance rather than isolated tools or one-time checks. Most cloud security incidents stem from customer-side issues such as identity misuse, misconfigurations, and exposed workloads. Effective security for AWS cloud...

AI score: 6.1
Exploits: 0
hivepro
added 2026/04/09 3:40 a.m., 3 views

External Attack Surface Management: What It Is, Why It Matters, and How to Get It Right

Every organization with internet-facing assets has an external attack surface. The question is whether you can see all of it before an attacker does. External attack surface management (EASM) gives security teams the continuous visibility, context, and control they need to find and fix exposures...

AI score: 5.9
Exploits: 0
hivepro
added 2026/04/09 3:40 a.m., 6 views

Risk-Based Vulnerability Management: The Complete Guide to Smarter Threat Prioritization

Your vulnerability scanner just flagged 12,000 findings. Your team has the bandwidth to remediate maybe 200 this sprint. Which ones do you fix first? If your answer is "sort by CVSS score and work down the list," you are making the same mistake most security teams make. You are treating a 9.8-rat...

AI score: 5.9
Exploits: 0
Packet Storm News
added 2026/04/05 12:0 a.m., 4 views

Triggering and Detecting Exploitable Library Vulnerability from the Client by Directed Greybox Fuzzing

Developers utilize third-party libraries to improve productivity, which also introduces potential security risks. Existing approaches generate tests for public functions to trigger library vulnerabilities from client programs, yet they depend on proof-of-concepts (PoCs), which are often unavailable...

AI score: 6.1
Exploits: 0
Microsoft Secure
added 2026/03/27 7:53 p.m., 7 views

How Microsoft Defender protects high-value assets in real-world attack scenarios

In this article: 1. Using asset context to strengthen detection; 2. How high-value asset protection works; 3. Real-world high-value asset protection scenarios; 4. Protecting your HVAs; 5. Learn more. High-value assets including domain controllers, web servers, and identity infrastructure are frequent...

AI score: 6.4
Exploits: 0
Packet Storm News
added 2026/03/23 12:0 a.m., 3 views

Framework for Risk-Based IoT Cybersecurity Audit Engagements

The use of Internet of Things (IoT) devices is growing at a rapid rate. While much of this growth is consumer devices, IoT devices are also commonly found in corporate and industrial environments, as well. These devices can be organization-owned and managed by an information technology unit, deploy...

AI score: 5.8
Exploits: 0
Microsoft Secure
added 2026/02/19 5:0 p.m., 7 views

New e-book: Establishing a proactive defense with Microsoft Security Exposure Management

Effective exposure management begins by illuminating and hardening risks across the entire attack surface. Some of the most meaningful shifts in security happen quietly—when teams take a clear look at their exposure landscape and acknowledge the gap between where they stand today and where they...

AI score: 5.7
Exploits: 0
Microsoft Secure
added 2026/02/19 5:0 p.m., 4 views

New e-book: Establishing a proactive defense with Microsoft Security Exposure Management

Effective exposure management begins by illuminating and hardening risks across the entire attack surface. Some of the most meaningful shifts in security happen quietly—when teams take a clear look at their exposure landscape and acknowledge the gap between where they stand today and where they...

AI score: 6
Exploits: 0
Qualys Blog
added 2026/02/18 9:35 p.m., 10 views

New: AI-Powered Patch Reliability Scoring—Predict Patch Impact Before You Deploy

What do advisory USN-7545-1 and Windows updates KB5065426, KB5063878, KB5055523, and KB5066835 have in common? Based on anonymized Qualys telemetry from 2025, they were among the most frequently rolled-back patches, in other words, patches that had to be undone after deployment. Rollbacks...

AI score: 5.8
Exploits: 0