StateTech Magazine

Vulnerability Exploitability eXchange: Smarter Patching for State and Local IT Teams

VEX helps public-sector security teams prioritize repairs by identifying which vulnerabilities affect their systems.
The Hacker News

Product Walkthrough: How Mesh CSMA Reveals and Breaks Attack Paths to Crown Jewels

CSMA links siloed security tools into attack paths to crown jewels, exposing hidden risks and enabling faster remediation.

Betterleaks, a new open-source secrets scanner to replace Gitleaks

A new open-source tool called Betterleaks can scan directories, files, and git repositories and identify valid secrets using default or customized rules.
TechRepublic

Microsoft Authenticator Flaw on Android, iOS Could Leak Login Codes for Millions

Microsoft Authenticator Flaw on Android, iOS Could Leak Login Codes for Millions Your email has been sent A newly discovered vulnerability in Microsoft Authenticator could expose sensitive login codes ...

OpenClaw can bypass your EDR, DLP and IAM without triggering a single alert

Six security teams shipped six OpenClaw defense tools in 14 days. Three attack surfaces survived: runtime semantic ...

Theori launches Xint Code AI platform to uncover hidden vulnerabilities in massive codebases

Offensive cybersecurity firm Theori Inc. today announced the commercial availability of Xint Code, a new large language model ...
The Hacker News

The Curated Catalog: The Biggest Defense Against Shai-Hulud 3.0

Shai-Hulud 2.0 exploited CI/CD pipelines in 2025, exposing shift-left flaws and driving curated catalogs to reduce CVE risk by 99%.
Bleeping Computer

News in the Security category

CISA warned U.S. government agencies to secure their Wing FTP Server instances against an actively exploited vulnerability that may be chained in remote code execution attacks. Companies House, a ...