Omdia Report: Trend Disclosed 60% of Vulnerabilities

June 25, 2024 at 08:14AM

The latest Omdia Vulnerability Report highlights Trend Micro™ Zero Day Initiative’s significant role in cybersecurity, spearheading 60% of 2023 disclosures. This underscores Trend’s comprehensive threat coverage, proactive risk mitigation, and trustworthiness. Leveraging Trend’s expertise can help organizations effectively manage attack surface risk and stay ahead of potential cyber threats. Based …

Vulnerabilities in Eclipse ThreadX Could Lead to Code Execution

May 29, 2024 at 11:00AM

Humanativa Group identified security vulnerabilities in Eclipse ThreadX, previously known as Azure RTOS. Marco Ivaldi found the issues, including memory corruption and DoS risk, through research on publicly available source code. The flaws were reported to Microsoft and the Eclipse Foundation and addressed in Eclipse ThreadX version 6.4.0, with additional bugs to …

Google Boosts Bug Bounty Payouts Tenfold in Mobile App Security Push

May 1, 2024 at 11:21AM

Google has raised the bug bounty rewards for its Mobile VRP, offering up to $450,000 for a single vulnerability report meeting certain criteria. Researchers can earn up to $150,000 for code execution flaws in Tier 2 apps and $45,000 for issues in Tier 3 apps. Reports without proposed patches may …

In Other News: OSS Backdooring Attempts, Botnet Operator Charged, Automotive Firm Attack

April 19, 2024 at 09:48AM

SecurityWeek’s cybersecurity news roundup offers a curated selection of significant developments, including backdooring attempts, increased funding for cybersecurity startups, and vulnerabilities in the AI/ML supply chain. Additionally, it reports on legislative developments, cybercriminal activities targeting the automotive industry, and a Moldovan botnet operator’s indictment in the US. Based on …

Eight Vulnerabilities Disclosed in the AI Development Supply Chain

February 16, 2024 at 08:09AM

Cybersecurity startup Protect AI disclosed eight vulnerabilities in the open source supply chain used for in-house AI/ML models, including critical and high-severity ones with CVE numbers. Protect AI emphasized the need for an AI/ML BOM to address risks unique to AI. Their vulnerability detection methods include a bug bounty program and …