CISA instructs federal agencies to address Microsoft bug


Departments must apply a patch for the vulnerability to all Windows endpoints by July 22.

Federal agencies have until Dec. 24 to apply fixes for Log4Shell vulnerability


DHS directives give departments 15 days to respond to critical vulnerabilities of this type.

DHS questions vulnerability disclosure program


Undiscovered vulnerabilities in agency information systems could be exploited by nation-states or hackers.

Report: Two Interior Department agencies riddled with IT vulnerabilities


Thousands of critical and high-risk vulnerabilities were identified on IT assets at the Bureau of Indian Affairs and Bureau of Indian Education, according to an inspector general report released to the public.

Google aims to fix XSS, make the web safer


Ninety-five percent of the one billion websites Google scanned ​recently were vulnerable to Cross-Site Scripting, or XSS, attacks, allowing hackers to load malicious code onto the computers of anyone who visited their page. This week the company issued tools​ to help web developers identify and mitigate XSS vulnerabilities.

Critical vulnerability discovered in MySQL application


A researcher has discovered a critical security flaw in the world's most widely used open-source database application — one that could allow hackers to completely take over a web server.