September 17, 2024 at 05:00PM Broadcom has released two patches addressing critical vulnerabilities in VMware vCenter Server and Cloud Foundation. CVE-2024-38812 is a heap overflow flaw with a CVSS score of 9.8, enabling remote code execution. CVE-2024-38813 allows for privilege escalation and has a CVSS score of 7.5. Both vulnerabilities were discovered during a cyber … Read more
May 16, 2024 at 10:10AM The National Vulnerability Database (NVD) initially created by NIST to centralize cybersecurity vulnerability intelligence is now struggling due to various factors. Increased accessibility led to a surge in low-quality reports, with inexperienced researchers seeking recognition and monetary incentives. As a result, the NVD has not updated vulnerabilities since February, highlighting … Read more
December 14, 2023 at 10:08AM The annual Hack the Capitol event brings together scientists, hackers, and policymakers to educate about critical cybersecurity challenges. The convergence of AI, security concerns, and policy efforts is evident. Public support for new policy guardrails has reinforced government and industry involvement with bug bounties. Government agencies have stepped up to … Read more