Tenable 部落格
CVE-2026-1281, CVE-2026-1340: Ivanti Endpoint Manager Mobile (EPMM) Zero-Day Vulnerabilities Exploited
全新推出的 Tenable One AI Exposure: 大規模保護 AI 使用的全新標準
利用 Tenable One AI Exposure,持續探索並監控企業內的所有 AI 使用情況,包含影子 AI、代理及瀏覽器外掛程式等。 對應複雜的 AI 工作流程以揭示高衝擊曝險,並監控是否符合安全規範及 AI 合理使用原則。
Oracle January 2026 Critical Patch Update Addresses 158 CVEs
Oracle addresses 158 CVEs in its first quarterly update of 2026 with 337 patches, including 27 critical updates.
Tenable Discovers SSRF Vulnerability in Java TLS Handshakes That Creates DoS Risk
Tenable Research has discovered a server-side request forgery (SSRF) vulnerability in Java’s handling of client certificates during a TLS handshake. In certain configurations, this can be abused to cause a denial-of-service (DoS) condition.Key takeawaysTenable Research identified a vulnerability in…
CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Command Injection Vulnerability
Exploit code has been published for CVE-2025-64155, a critical command injection vulnerability affecting Fortinet FortiSIEM devices.Key takeaways:CVE-2025-64155 is a critical operating system (OS) command injection vulnerability affecting Fortinet FortiSIEM. Fortinet vulnerabilities have…
Microsoft’s January 2026 Patch Tuesday Addresses 113 CVEs (CVE-2026-20805)
Microsoft addresses 113 CVEs in the first Patch Tuesday of 2026, with two zero-days, including one that was exploited in the wild.
Tenable Is a Gartner® Peer Insights™ Customers’ Choice for Cloud-Native Application Protection Platforms
This recognition — based entirely on feedback from the people who use our products every day — to us is a testament to the unmatched value Tenable Cloud Security CNAPP offers organizations worldwide.
網路安全概要: Predictions for 2026: AI Attack Acceleration, Automated Remediation, Custom-Made AI Security Tools, Machine Identity Threats, and More
In this special edition, Tenable leaders forecast key 2026 trends, including: AI will make attacks more plentiful and less costly; machine identities will become the top cloud risk; preemptive cloud and exposure management will dethrone runtime detection; and automated remediation gets the go-ahead.
CVE-2025-14847 (MongoBleed): MongoDB Memory Leak Vulnerability Exploited in the Wild
A recently disclosed vulnerability affecting MongoDB instances has been reportedly exploited in the wild. Exploit code has been released for this flaw dubbed MongoBleed.
網路安全概要: 2025 Rewind: Essential Cyber Insights, Strategies and Tactics
In this special year-end edition, we revisit critical advice from our cybersecurity experts on AI, exposure management, cloud, vulnerability management, OT, and critical infrastructure.
聯絡我們的銷售團隊