CISA adds Zimbra XSS (CVE-2025-66376) to KEV.
Actively exploited.
Patch immediately.

Source: https://www.cisa.gov/news-events/alerts/2026/03/18/cisa-adds-one-known-exploited-vulnerability-catalog

Follow TechNadu.

#InfoSec #VulnMgmt

Microsoft Patch Tuesday (Feb 2026): 59 flaws patched, 6 exploited in the wild (inc. Windows Shell, IE engine, Word, RDP, Azure). 5 CRITICAL. Patch ASAP to block RCE, priv esc & security bypasses. https://radar.offseq.com/threat/microsoft-patch-tuesday-january-2026-tue-feb-10th-86635a1f #OffSeq #Microsoft #VulnMgmt #PatchTuesday

London bound next week (Dec 7–15)! 🇬🇧

I’ll be at #BlackHatEU giving my talk on the "Post-NVD Era" (Thurs Dec 11 @ 2:30 PM) and then hitting up #BSidesLDN for the weekend.

#Infosec #VulnMgmt #CVE

🚨 Microsoft’s Nov 2025 Patch Tuesday: 80 vulns, 5 CRITICAL. Actively exploited Windows Kernel (CVE-2025-62215) enables privilege escalation. GDI+, DirectX, Office also impacted. Prioritize patching & enhance monitoring! https://radar.offseq.com/threat/microsoft-patch-tuesday-for-november-2025-tue-nov--3fb8b7ea #OffSeq #Microsoft #PatchTuesday #VulnMgmt

⚠️ HIGH-severity operational risk: the remediation gap in multi-tool cloud environments delays fixing critical vulnerabilities. Solutions like Pentera Resolve automate and unify workflows, reducing exposure and ensuring compliance. More info: https://radar.offseq.com/threat/bridging-the-remediation-gap-introducing-pentera-r-0c2edfa6 #OffSeq #VulnMgmt #CloudSec

⚠️ CVE-2025-53770
🧨 Critical Deserialization Vulnerability in on-prem Microsoft SharePoint Server
🌐 Exploitable remotely – lets attackers execute arbitrary code without auth!

🔍 Full details soon in our new Vulnerability Management Portal – launching shortly.
📡 Stay secure. Stay ahead.
#CVE2025 #SharePoint #Infosec #VulnMgmt

OWASP Agentic AI Top 10 Vulnerability Scoring System (AIVSS) and OWASP AI testing guide

https://aivss.owasp.org/
https://github.com/OWASP/www-project-ai-testing-guide

#owasp #ai #vulnmgmt

OWASP Agentic AI Top 10 Vulnerability Scoring System (AIVSS) & Comprehensive AI Security Framework | OWASP Foundation

Developing a rigorous scoring system for Agentic AI Top 10 vulnerabilities, leading to a comprehensive AIVSS framework for all AI systems.

🎯 Vulnerabilities are inevitable.
Being caught off guard isn’t.
With the right tools and processes, you turn CVEs from threats into tasks.
#ProactiveSecurity #VulnMgmt

🧪 Vulnerability scans without context are like fire alarms with no location.
Get clear visibility on:
➡️ Business impact
➡️ Exploitability
➡️ Exposure
Prioritize with intelligence.
#SmartSecurity #VulnMgmt

💣 A high CVSS score doesn’t always mean high risk.
➡️ Is it exploitable?
➡️ Is it exposed?
➡️ Is it in your attack path?
Sentinel decisions beat reactive patching.
#RiskBasedSecurity #VulnMgmt