Blog da Tenable
Shift from Reactive to Proactive: Leveraging Tenable Exposure Management for MSSP Success
OCI, Oh My: Remote Code Execution on Oracle Cloud Shell and Code Editor Integrated Services
Tenable Research discovered a Remote Code Execution (RCE) vulnerability (now remediated) in Oracle Cloud Infrastructure (OCI) Code Editor. We demonstrated how an attacker could silently 1-click hijack a victim’s Cloud Shell environment and potentially pivot across OCI services. The vulnerability…
Oracle July 2025 Critical Patch Update Addresses 165 CVEs
Oracle addresses 165 CVEs in its third quarterly update of 2025 with 309 patches, including nine critical updates.
Understanding and Managing Cyber Risk: An Exposure Management FAQ for Business Leaders
Todas as segundas-feiras, a Tenable Exposure Management Academy fornece a orientação prática e real de que você precisa para mudar do gerenciamento de vulnerabilidades para o gerenciamento de exposição. In this post, we answer some questions we’ve gotten recently the best way to determine, understand and communicate your risks.
Cybersecurity Snapshot: AI Security Field Gets Boost from New CSA Framework and from SANS - OWASP Partnership
Check out a new Cloud Security Alliance framework for securing AI systems. Plus, SANS Institute and OWASP are joining forces to deliver AI security controls. Meanwhile, Accenture finds orgs unprepared to counter AI-powered cyber attacks. And get the latest on the Iran cyber threat, SMB cyber…
Como a Tenable Research descobriu uma vulnerabilidade crítica de execução remota de código no Anthropic MCP Inspector
Tenable Research recently discovered a critical vulnerability impacting Anthropic's MCP Inspector tool, a core element of the MCP ecosystem. In this blog, we provide details on how we discovered the vulnerability in this widely used open-source tool — and what users can do about it..
Segurança de IA: falhas na Web ressurgem na corrida para usar servidores MCP
In the rush to implement AI tools and services, developers are rapidly embracing the Model Context Protocol (MCP). In the process, classic vulnerabilities are resurfacing and new ones are being introduced. In this blog, we outline key areas of concern and how Tenable Web App Scanning can help.
Patch Tuesday de julho de 2025 da Microsoft aborda 128 CVEs (CVE-2025-49719)
Microsoft addresses 128 CVEs, including one zero-day vulnerability that was publicly disclosed.
Entenda sua superfície de ataque: o segredo para um gerenciamento de exposição eficaz
Todas as segundas-feiras, a Tenable Exposure Management Academy fornece a orientação prática e real de que você precisa para mudar do gerenciamento de vulnerabilidades para o gerenciamento de exposição. In this post, Tenable security engineer Aaron Roy shares how he led the integration of attack surface management with exposure…
Cybersecurity Snapshot: Expert Advice for Boosting AI Security
With businesses going gaga for artificial intelligence, securing AI systems has become a key priority and a top challenge for cybersecurity teams, as they scramble to master this emerging and evolving field. In this special edition of the Cybersecurity Snapshot, we highlight some of the best…