SecurityWeek

New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA’s KEV Catalog

The cybersecurity of business is not the function of CISA. CISA’s remit is to raise the security of FECB agencies, and KEV is ...
Dark Reading

Data Tool to Triage Exploited Vulnerabilities Can Make KEV More Useful

KEV Collider combines data from multiple open source vulnerability frameworks to help cybersecurity teams assess which issues ...
The Hacker News

Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group

Rapid7 links China-linked Lotus Blossom to a 2025 Notepad++ hosting breach that delivered the Chrysalis backdoor via hijacked updates, fixed in v8.8.9 ...
PCQuest on MSN

One command, full recon: Why AutoPentestX matters for Linux pentesters

Many times when performing penetration tests, there is no lack of tools for conducting penetration testing, but rather the issue relates to performing penetration testing in a fractured way.
IEEE

StagedVulBERT: Multigranular Vulnerability Detection With a Novel Pretrained Code Model

Abstract: The emergence of pre-trained model-based vulnerability detection methods has significantly advanced the field of automated vulnerability detection. However, these methods still face several ...