Tenable blog
Microsoft Copilot Studio Security Risk: How Simple Prompt Injection Leaked Credit Cards and Booked a $0 Trip
Microsoft Patch Tuesday 2025 Year in Review
Microsoft addressed over 1,100 CVEs as part of Patch Tuesday releases in 2025, including 40 zero-day vulnerabilities.Key takeaways:Microsoft's 2025 Patch Tuesday releases addressed 1,130 CVEs. This is the second year in a row where the CVE count was over 1,000. Elevation of Privilege…
Preparing for Cisco Vulnerability Management (formerly Kenna) End-of-Life: How Tenable Can Help
Cisco Vulnerability Management (formerly Kenna) has long been a valuable partner for security teams. With its end-of-life now underway, Tenable One offers a clear path forward, delivering end-to-end unified exposure management for the future of risk management.
Microsoft’s December 2025 Patch Tuesday Addresses 56 CVEs (CVE-2025-62221)
Microsoft addresses 56 CVEs, including two publicly disclosed vulnerabilities and one zero-day that was exploited in the wild to close out the final Patch Tuesday of 2025
Identifying and Securing AI Workloads
Learn why AI workloads demand a new approach to cloud security.
Detecting AI Security Risks Requires Specialized Tools: Time to Move Beyond DLP and CASB
Learn why your existing security tech won’t detect data exposure, prompt injection and manipulation, and other AI security risks from ChatGPT Enterprise, Microsoft 365 Copilot, and other LLMs.
Cybersecurity Snapshot: Fending Off BRICKSTORM Malware Data-Theft Attacks and Integrating AI into OT Securely
CISA has identified a China-backed BRICKSTORM malware campaign targeting the IT and government sectors. Meanwhile, global agencies released a guide for adding AI safely to OT. Plus, proving your online content is legit; fighting cyber fraud; and preventing bank account takeover scams.
What’s New in Tenable Cloud Security: November Updates in Exposure Management
Tenable Cloud Security delivers critical capabilities to unify security across your entire attack surface. Our latest enhancements let you extend your on-prem vulnerability management program to the cloud; gain granular visibility into external access risk; and discover Snowflake sensitive data.
CVE-2025-55182: Frequently Asked Questions About React2Shell: React Server Components Remote Code Execution Vulnerability
A maximum severity vulnerability (CVSS 10) was discovered in React, one of the most popular JavaScript frameworks. If your app supports React Server Components, you are likely vulnerable out of the box, even if you aren’t using Server Functions explicitly. Patch immediately.
Exposure Management Vs. Siloed Security Tools: 4 Ways to Supercharge Your Strategy — and Your Career
Adding more tools to your vulnerability management program only adds noise and expense without solving your biggest challenges. With an exposure management platform, you can address your current needs without straining your budget — and boost your career by demonstrating your skills in the process…
Contact our sales team