logo

Qualys Blog

ID: 238d9eda-62f4-519f-ad05-e8f31580e042

STIX ID: identity--238d9eda-62f4-519f-ad05-e8f31580e042

Feed Type: rss

Earliest post: 2023-11-27

Latest post: 2026-05-28

Threat research, vulnerability management insights, cloud & endpoint security guidance, and expert analysis from the Qualys cybersecurity team.

01/01/2020
05/29/2026
Title Date Published Describes IncidentAuthorVisible
CVE-2026-46333: Local Root Privilege Escalation and Credential Disclosure in the Linux Kernel ptrace Path2026-05-20TrueSaeed AbbasiTrue
Microsoft and Adobe Patch Tuesday, May 2026 Security Update Review2026-05-12TrueDiksha OjhaTrue
Dirty Frag: Using the Page Caches as an Attack Surface2026-05-09TrueMayuresh DaniTrue
Don’t Wait for a Patch. Mitigate RedSun Zero-Day Risk in Microsoft Defender Today 2026-04-22TrueMukesh ChoudharyTrue
Oracle Critical Patch Update, April 2026 Security Update Review2026-04-22TrueDiksha OjhaTrue
Microsoft and Adobe Patch Tuesday, April 2026 Security Update Review2026-04-14TrueDiksha OjhaTrue
Anatomy of an Autonomous AI Agent Risk: How Qualys ETM Connects the Dots on OpenClaw2026-04-13TrueViren ChaudhariTrue
CVE-2026-3888: Important Snap Flaw Enables Local Privilege Escalation to Root2026-03-17TrueSaeed AbbasiTrue
Countering Current Geopolitical Cyber Threats Based on CISA Intel With Qualys2026-03-17TrueAlex KreileinTrue
CrackArmor: Critical AppArmor Flaws Enable Local Privilege Escalation to Root2026-03-12TrueSaeed AbbasiTrue
Microsoft Patch Tuesday, March 2026 Security Update Review2026-03-10TrueDiksha OjhaTrue
How Security Tool Misuse Is Reshaping Cloud Compromise2026-02-19TrueSayali WarekarTrue
Microsoft and Adobe Patch Tuesday, February 2026 Security Update Review2026-02-10TrueDiksha OjhaTrue
Mutagen Astronomy: From Discovery to CISA Recognition—A Seven-Year Journey2026-02-02TrueSaeed AbbasiTrue
How Public Container Registries Have Become a Silent Risk Multiplier in a Modern Supply Chain2026-01-22TrueAmit GadhaveTrue
Why Serverless Risk Demands Identity-Aware Security at Cloud Scale 2026-01-15TrueSiddhant PatilTrue
Microsoft Patch Tuesday, January 2026 Security Update Review2026-01-13TrueDiksha OjhaTrue
ShadyPanda: The Silent Browser Takeover Threat and How Qualys TruRisk Eliminate Helps You Stop It2025-12-17TrueLavish JhambTrue
React2Shell: Decoding CVE-2025-55182 – The Silent Threat in React Server Components2025-12-11TrueKaustubh JagtapTrue
Microsoft and Adobe Patch Tuesday, December 2025 Security Update Review2025-12-09TrueDiksha OjhaTrue
Active Exploitation of 7-Zip RCE Vulnerability Shows Why Manual Patching is No Longer an Option 2025-12-04TrueMohd Anas KhanTrue
Unauthenticated Authentication Bypass in Fortinet FortiWeb (CVE-2025-64446) Exploited in the Wild2025-11-15TrueMayuresh DaniTrue
Microsoft Patch Tuesday, November 2025 Security Update Review2025-11-11TrueDiksha OjhaTrue
Inside an Automotive Giant’s Data Leak — A Cloud Misconfiguration Lesson for AWS Users2025-11-03TrueRahul PareekTrue
What Security Teams Need to Know as PHP and IoT Exploits Surge  2025-10-30TrueAmit GadhaveTrue
Oracle Critical Patch Update, October 2025 Security Update Review2025-10-23TrueDiksha OjhaTrue
A Strategic Response to the F5 BIG-IP Nation-State Breach2025-10-18TrueSaeed AbbasiTrue
Microsoft and Adobe Patch Tuesday, October 2025 Security Update Review2025-10-14TrueDiksha OjhaTrue
Patch Automation for Browsers with TruRisk™ Eliminate2025-09-24TrueMohd Anas KhanTrue
When Dependencies Turn Dangerous: Responding to the NPM Supply Chain Attack2025-09-10TrueAbhinav MishraTrue
Microsoft and Adobe Patch Tuesday, September 2025 Security Update Review2025-09-09TrueDiksha OjhaTrue
Fortifying Your Cloud Against Cross-Service Confused Deputy Attacks2025-07-24TrueNehal BaviskarTrue
ToolShell Zero-day: Microsoft Rushes Emergency Patch for Actively Exploited SharePoint Vulnerabilities2025-07-21TrueSaeed AbbasiTrue
Understanding the Impact of Scattered Spider on the Airline & Transportation Industry2025-07-21TrueApril LenhardTrue
Oracle Critical Patch Update, July 2025 Security Update Review2025-07-16TrueDiksha OjhaTrue
Microsoft and Adobe Patch Tuesday, July 2025 Security Update Review2025-07-08TrueDiksha OjhaTrue
Lessons from Qilin: What the Industry’s Most Efficient Ransomware Teaches Us2025-06-18TrueKen DunhamTrue
Qualys TRU Uncovers Chained LPE: SUSE 15 PAM to Full Root via libblockdev/udisks2025-06-17TrueSaeed AbbasiTrue
Microsoft and Adobe Patch Tuesday, June 2025 Security Update Review2025-06-10TrueDiksha OjhaTrue
Qualys TRU Discovers Two Local Information Disclosure Vulnerabilities in Apport and systemd-coredump: CVE-2025-5054 and CVE-2025-45982025-05-29TrueSaeed AbbasiTrue
Fileless Execution: PowerShell Based Shellcode Loader Executes Remcos RAT2025-05-15TrueAkshay ThorveTrue
Microsoft and Adobe Patch Tuesday, May 2025 Security Update Review2025-05-13TrueDiksha OjhaTrue
Inside LockBit: Defense Lessons from the Leaked LockBit Negotiations2025-05-08TrueSaeed AbbasiTrue
The Verizon 2025 Data Breach Investigations Report (DBIR): Six Trends You Can’t Ignore2025-04-23TrueSaeed AbbasiTrue
Oracle Critical Patch Update, April 2025 Security Update Review2025-04-16TrueDiksha OjhaTrue
Microsoft and Adobe Patch Tuesday, April 2025 Security Update Review2025-04-08TrueDiksha OjhaTrue
Qualys TRU Discovers Three Bypasses of Ubuntu Unprivileged User Namespace Restrictions2025-03-27TrueSaeed AbbasiTrue
Microsoft and Adobe Patch Tuesday, March 2025 Security Update Review2025-03-11TrueDiksha OjhaTrue
Defense Lessons From the Black Basta Ransomware Playbook2025-02-25TrueSaeed AbbasiTrue
Qualys TRU Discovers Two Vulnerabilities in OpenSSH: CVE-2025-26465 & CVE-2025-264662025-02-18TrueSaeed AbbasiTrue

1–50 of 110

Built by the dogesec team. Copyright 2026.