The security vendor silently patched a vulnerability, but did not assign the flaw a CVE or publicly disclose its existence until 17 days later. By then, widespread…

The vendors disclosed and patched the defects last summer, but not before advanced attackers exploited the vulnerabilities to likely gain prolonged access for espionage, according to Amazon.

Researchers warn that although exploitation of the zero-day is complex, a functional exploit exists in the wild.

Researchers say the nation-state attacker could cause more serious problems with the BIG-IP source code it nabbed during the attack on F5’s systems.

The tech giant didn’t report active exploitation of any of the patched defects, yet details about potential impacts remain limited.

Microsoft addressed the critical vulnerability earlier this month, but had to issue an emergency update to resolve issues it previously missed.

The high-severity defect affects a widely used — but largely hidden — archive tool that spans many forks.

The tech giant addressed a record-high number of defects for the year in its latest update.

The tech giant doesn’t provide details about the severity of vulnerabilities it discloses, but none of the new defects are under active attack.

The company is ahead of pace, disclosing about 100 more vulnerabilities at this point in the year than it did in 2024, according to a researcher.