Blogs Tenable
LookOut: Discovering RCE and Internal Access on Looker (Google Cloud & On-Prem)
From Clawdbot to Moltbot to OpenClaw: Security Experts Detail Critical Vulnerabilities and 6 Immediate Hardening Steps for the Viral AI Agent
Moltbot, the viral AI agent, offers immense power but is riddled with critical vulnerabilities, including remote code execution (RCE), exposed control interfaces, and malicious extensions. Read on to understand the vulnerabilities associated with Moltbot and the immediate security practices users…
Frequently Asked Questions About Notepad++ Supply Chain Compromise
Threat actors compromised the update infrastructure for Notepad++, redirecting traffic to an attacker controlled site for targeted espionage purposes.
What’s New in Tenable Cloud Security: Multi-cloud Risk Analysis, Attack Surface Assessments, Improved IAM Security and More
Tenable Cloud Security continues to expand the technical depth of our Tenable One exposure management platform. Our latest enhancements include unified multi-cloud exploration, high-fidelity network validation, and expanded entitlement visibility across infrastructure and identity providers.
CVE-2026-1281, CVE-2026-1340: Ivanti Endpoint Manager Mobile (EPMM) Zero-Day Vulnerabilities Exploited
Two Critical vulnerabilities in Ivanti’s popular mobile device management solution have been exploited in the wild in limited attacks
Présentation de Tenable One AI Exposure : Une nouvelle norme pour sécuriser l'utilisation de l'IA à grande échelle
Grâce à Tenable One AI Exposure, découvrez et surveillez en continu toutes les utilisations de l'IA dans votre entreprise, notamment le Shadow AI, les agents, les plug-ins de navigateur, etc. Cartographiez les workflows d'IA complexes pour révéler les expositions à fort impact et surveiller la conformité avec les politiques de sécurité et d'utilisation acceptable de l'IA.
Oracle January 2026 Critical Patch Update Addresses 158 CVEs
Oracle addresses 158 CVEs in its first quarterly update of 2026 with 337 patches, including 27 critical updates.
Tenable Discovers SSRF Vulnerability in Java TLS Handshakes That Creates DoS Risk
Tenable Research has discovered a server-side request forgery (SSRF) vulnerability in Java’s handling of client certificates during a TLS handshake. In certain configurations, this can be abused to cause a denial-of-service (DoS) condition.Key takeawaysTenable Research identified a vulnerability in…
CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Command Injection Vulnerability
Exploit code has been published for CVE-2025-64155, a critical command injection vulnerability affecting Fortinet FortiSIEM devices.Key takeaways:CVE-2025-64155 is a critical operating system (OS) command injection vulnerability affecting Fortinet FortiSIEM. Fortinet vulnerabilities have…
Microsoft’s January 2026 Patch Tuesday Addresses 113 CVEs (CVE-2026-20805)
Microsoft addresses 113 CVEs in the first Patch Tuesday of 2026, with two zero-days, including one that was exploited in the wild.
Contactez notre équipe commerciale