Vendor Risk Management Updates
SPM App Updates
- Findings Table History – June 25, 2025
- Instant Reply for User-Requested Rescans – June 25, 2025
- Enable or Disable Tag Inheritance – April 24, 2025
- Guest Network Exclusion – April 23, 2025
- Web Application Security in Risk Remediation Plan – April 8, 2025
- Issue Tracking Propagation in the Ratings Tree – April 7, 2025
Bitsight Data Changes
- Web Application Security Status and FAQ – June 24, 2025
- Exposed Credentials Data – April 11, 2025
- DVE in the Emerging Security Events Card – April 3, 2025
- Grace Period Status for Company-Provided Infrastructure – February 20, 2025
- Dynamic Remediation: Rescan User Experience Improvements — February 28, 2025
- Ratings Algorithm Update – February 5, 2025
Cybersecurity News
- Next.js Authorization Bypass Vulnerability [CVE-2025-29927] – April 3, 2025
- SonicWall Improper Authentication Vulnerability [CVE-2024-53704] – February 26, 2025
- SonicWall Untrusted Data Pre-authentication Deserialization [CVE-2025-23006] – January 24, 2025
- Ivanti Zero-Day [CVE-2025-0282 & CVE-2025-0283] – January 16, 2025
- Cleo File Transfer [CVE-2024-50623 & CVE-2024-55956] – December 17, 2024
- CUPS Printing System Vulnerabilities – September 27, 2024