Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable blog

July 21, 2025

Forrester Names Tenable a Leader in the Q3 2025 Unified Vulnerability Management Solutions Wave™ Report

“Tenable continues to extend its established vulnerability management offerings into exposure management with its Tenable One platform,” according to the report.

July 21, 2025

How Exposure Management Can Turn a Torrent of Data into Insight

Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this post, we look at the results of a survey taken during a recent Tenable webinar on the greatest cybersecurity challenges....


July 20, 2025

CVE-2025-53770: Frequently Asked Questions About Zero-Day SharePoint Vulnerability Exploitation

Successful exploitation of CVE-2025-53770 could expose MachineKey configuration details from a vulnerable SharePoint Server, ultimately enabling unauthenticated remote code execution....


July 18, 2025

CVE-2025-54309: CrushFTP Zero-Day Vulnerability Exploited In The Wild

A critical zero-day flaw in CrushFTP that can grant attackers administrator access was discovered on July 18 and is under active exploitation....


July 18, 2025

Cybersecurity Snapshot: AI Security Tools Embraced by Cyber Teams, Survey Finds, as Vulnerability Research Gets a Boost from UK Cyber Agency

Check out why AI security tools are turning into “must have” assets for cyber teams. Plus, get the details on the NCSC’s efforts to supercharge its bug hunting capabilities. Meanwhile, Tenable webinar attendees shared their experience securing machine identities. And get the latest on the crypto cri...


July 16, 2025

OCI, Oh My: Remote Code Execution on Oracle Cloud Shell and Code Editor Integrated Services

Tenable Research discovered a Remote Code Execution (RCE) vulnerability (now remediated) in Oracle Cloud Infrastructure (OCI) Code Editor. We demonstrated how an attacker could silently 1-click hijack a victim’s Cloud Shell environment and potentially pivot across OCI services. The vulnerability als...


July 15, 2025

Oracle July 2025 Critical Patch Update Addresses 165 CVEs

Oracle addresses 165 CVEs in its third quarterly update of 2025 with 309 patches, including nine critical updates....


July 14, 2025

Understanding and Managing Cyber Risk: An Exposure Management FAQ for Business Leaders

Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this post, we answer some questions we’ve gotten recently the best way to determine, understand and communicate your risks....


July 11, 2025

Cybersecurity Snapshot: AI Security Field Gets Boost from New CSA Framework and from SANS - OWASP Partnership

Check out a new Cloud Security Alliance framework for securing AI systems. Plus, SANS Institute and OWASP are joining forces to deliver AI security controls. Meanwhile, Accenture finds orgs unprepared to counter AI-powered cyber attacks. And get the latest on the Iran cyber threat, SMB cyber defense...


July 9, 2025

How Tenable Research Discovered a Critical Remote Code Execution Vulnerability on Anthropic MCP Inspector

Tenable Research recently discovered a critical vulnerability impacting Anthropic's MCP Inspector tool, a core element of the MCP ecosystem. In this blog, we provide details on how we discovered the vulnerability in this widely used open-source tool — and what users can do about it.....


Cybersecurity news you can use

Enter your email and never miss timely alerts and security guidance from the experts at Tenable.

A Look Inside the Ransomware Ecosystem

Download the Report >