Blogs Tenable
CVE-2026-35616: Fortinet FortiClientEMS improper access control vulnerability exploited in the wild
Tenable Named a Challenger in the 2026 Gartner® Magic Quadrant™ for CPS Protection Platforms
Security is no longer a siloed effort. Find out how Tenable integrates mature industrial security capabilities into an enterprise-ready approach for unified exposure management.
Strengthening California’s Cyber Defenses: Apply Now for FFY 2024 SLCGP Grants
Cal OES offers up to $250,000 to help California’s state, local, and tribal agencies strengthen their digital infrastructure against evolving cyber threats. Organizations must submit their applications by March 13, 2026.
Operation Epic Fury: Potential Iranian Cyber Counteroffensive Operations
Following the joint military operation known as Operation Epic Fury, the Tenable Research Special Operations (RSO) team is providing an update regarding potential cyber counteroffensive operations conducted by Iran-linked threat actors.
CVE-2026-20127: Cisco Catalyst SD-WAN Controller/Manager Zero-Day Authentication Bypass Vulnerability Exploited in the Wild
Exploitation of a maximum severity authentication bypass zero-day vulnerability affecting Cisco Catalyst SD-WAN Controller and Manager has been reported. Immediate patching is recommended to thwart ongoing attacks.
New Malicious npm Package "ambar-src" Targets Developers with Open Source Malware
Tenable Research investigated a malicious npm package with around 50,000 downloads in the public registry. We observed various detection-evasion techniques and saw it deploy multiple powerful open-source malware variants.
Dynamic Objects in Active Directory: The Stealthy Threat
Active Directory’s "dynamic objects" feature offers attackers a perfect evasion cloak. These objects automatically self-destruct without a trace, so they allow adversaries to bypass quotas, pollute access lists, and persist in the cloud, leaving forensic investigators with nothing to analyze.
Le piège de la vélocité du cloud et de l'IA : pourquoi la gouvernance est à la traîne de l'innovation
L'adoption de l'IA dépasse la gouvernance cyber traditionnelle. Le « Rapport Tenable 2026 sur les risques de sécurité liés au cloud et à l'IA » révèle comment les identités surprivilégiées et les dépendances non surveillées de la chaîne d'approvisionnement exposent les entreprises. Vous y trouverez 10 tactiques infaillibles pour bloquer vos chemins d'attaque les plus critiques.
Gartner® désigne Tenable comme la nouvelle « entreprise à battre » (Company to Beat) en évaluation de l'exposition alimentée par l'IA dans un rapport de 2025
« La couverture des assets et de la surface d'attaque par Tenable, son application de l'IA et sa réputation en matière d'évaluation des vulnérabilités en font le leader en évaluation de l'exposition alimentée par l'IA », écrit Gartner dans son rapport « AI Vendor Race: Tenable Is the Company to Beat for AI-Powered Exposure Assessment ».
Microsoft’s February 2026 Patch Tuesday Addresses 54 CVEs (CVE-2026-21510, CVE-2026-21513)
Microsoft addresses 54 CVEs in the February 2026 Patch Tuesday released, including six zero-day vulnerabilities that were exploited in the wild and three publicly disclosed CVEs.