Tenable blog
CVE-2025-53786: Frequently Asked Questions About Microsoft Exchange Server Hybrid Deployment Elevation of Privilege Vulnerability
Cybersecurity Snapshot: CISA Analyzes Malware Used in SharePoint Attacks, as U.K. Boosts Cyber Assessment Framework
Check out what CISA found after it dissected malware from the latest SharePoint hacks. Plus, the U.K.’s cyber agency is overhauling its cyber framework to keep pace as threats escalate. In addition, CISA is sounding the alarm on a high-severity vulnerability impacting hybrid Exchange environments. A...
We're a Major Player in the 2025 IDC MarketScape for CNAPP. Here's Why That Matters for Your Cloud Security.
"With a strong focus on CNAPP through Tenable Cloud Security and exposure management with Tenable One, Tenable provides visibility and control over hybrid attack surfaces, including on-premises, cloud, and hybrid environments,” according to the report....
CVE-2025-54987, CVE-2025-54948: Trend Micro Apex One Command Injection Zero-Days Exploited In The Wild
Trend Micro releases a temporary mitigation tool to reduce exposure to two unpatched zero-day command injection vulnerabilities which have been exploited....
Act Now: $100M in FY25 Cyber Grants for SLTTs Available Before August 15
With over $100 million on the table in FY25 cybersecurity grants, state, local and tribal governments have until August 15, 2025 to apply to secure critical cyber funding to strengthen their defenses....
The AI Security Dilemma: Navigating the High-Stakes World of Cloud AI
AI presents an incredible opportunity for organizations even as it expands the attack surface in new and complex ways. For security leaders, the goal isn't to stop AI adoption but to enable it securely.Artificial Intelligence is no longer on the horizon; it's here, and it's being built and deployed ...
Introducing Tenable AI Exposure: Stop Guessing, Start Securing Your AI Attack Surface
Now available in Tenable One, Tenable AI Exposure gives you visibility into how your teams use AI platforms and where that usage could put your data, users and defenses at risk....
CVE-2025-54135, CVE-2025-54136: Frequently Asked Questions About Vulnerabilities in Cursor IDE (CurXecute and MCPoison)
Researchers have disclosed two vulnerabilities in Cursor, the popular AI-assisted code editor, that impact its handling of model context protocol (MCP) servers, which could be used to gain code execution on vulnerable systems....
Frequently Asked Questions About SonicWall Gen 7 Firewall Ransomware Activity
An increase in ransomware activity tied to SonicWall Gen 7 Firewalls has been observed, possibly linked to the exploitation of a zero-day vulnerability in its SSL VPN....
The White House AI Action Plan: A Critical Opportunity to Secure the Future
AI without built-in cybersecurity remains a liability. The AI Action Plan presents a pivotal opportunity to get this right by emphasizing a secure-by-design approach....
