qualysblog - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.1	QUALYSBLOG:1E41...	Anatomy of an Autonomous AI Agent Risk: How Qualys ETM Connects the Dots on OpenClaw_QUALYSBLOG:1E41394DA1A61BA2215F8A3E0935E876 * * * #### Executive Summary _An unauthorized OpenClaw AI agent was detected disguised as a routine package on a Windows Server host. The situati...	N/A	N/A	Apr 13, 2026	QUALYSBLOG
NONE	QUALYSBLOG:8E82...	12 Best Practices for Securing AWS Cloud in 2026_QUALYSBLOG:8E8217F288B61AB08F8A323E7F446A10 Key Takeaways * Securing AWS cloud in 2026 depends on continuous, risk-based governance rather than isolated tools or one-time checks. * M...	N/A	N/A	Apr 9, 2026	QUALYSBLOG
NONE	QUALYSBLOG:C053...	Scaling Modern AppSec: Moving from Static Profiles to AI-Powered Scan Optimization_QUALYSBLOG:C053B5902377923CD1FA14ED531C5AF1 ### Key Highlights * The Scale Challenge: As application portfolios grow and release cycles accelerate, traditional scanning models create a...	N/A	N/A	Apr 9, 2026	QUALYSBLOG
NONE	QUALYSBLOG:B8CE...	How Security Tool Misuse Is Reshaping Cloud Compromise_QUALYSBLOG:B8CE720839E7E14306C88E3A06A197C0 #### Key Takeaways * Legitimate secret-scanning tools such as TruffleHog have been operationalized in real-world cloud attack campaigns. * Att...	N/A	N/A	Feb 19, 2026	QUALYSBLOG
NONE	QUALYSBLOG:0FBD...	New: AI-Powered Patch Reliability Scoring—Predict Patch Impact Before You Deploy_QUALYSBLOG:0FBD639172CABB4B986F987C2057FA66 What do advisory USN-7545-1 and Windows updates KB5065426 , KB5063878 , KB5055523 , and KB5066835 have in common? Based on ano...	N/A	N/A	Feb 18, 2026	QUALYSBLOG
NONE	QUALYSBLOG:95BC...	Qualys Recognized as a Leader in the 2026 Forrester Wave™ for CNAPP_QUALYSBLOG:95BC6474E44DE737DF519D0DB1C711AA ## Qualys’ Key Takeaways * Qualys Named a Leader: Recognized as one of only three leaders in The Forrester Wave![™](https://s.w.org/imag...	N/A	N/A	Feb 17, 2026	QUALYSBLOG
NONE	QUALYSBLOG:E14F...	Active Directory Attacks Demystified: Pass-the-Hash (PtH), Pass-the-Ticket (PtT), and Beyond_QUALYSBLOG:E14F15C5C738DE9DF2E71F5FF523FC2B ## Key Takeaways * Active Directory attacks are identified as a significant threat in enterprise environments, with 74% of breaches involvin...	N/A	N/A	Feb 12, 2026	QUALYSBLOG
CRITICAL 9.8	QUALYSBLOG:73DE...	Microsoft Patch Tuesday, February 2026 Security Update Review_QUALYSBLOG:73DE6D3D7D91B08058CCE3C11629EE2C Microsoft's February 2026 Patch Tuesday focuses on closing security gaps that attackers could exploit, reinforcing the importance of timely patchin...	N/A	N/A	Feb 10, 2026	QUALYSBLOG
NONE	QUALYSBLOG:FDD3...	TruConfirm: Ending Vulnerability Guesswork with Proof inside ETM_QUALYSBLOG:FDD3C3B7B0CD0F084D04FD7B489F88DB ## Key Takeaways * CISOs still can’t answer the only question that matters: Is this exposure exploitable on this asset, in our production e...	N/A	N/A	Feb 4, 2026	QUALYSBLOG
HIGH 10	QUALYSBLOG:5457...	Mutagen Astronomy: From Discovery to CISA Recognition—A Seven-Year Journey_QUALYSBLOG:545715B843A48B81193DFA437BFE16EB ## Introduction **On January 26, 2026,the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2018-14634 to its Known Exploited Vuln...	N/A	N/A	Feb 2, 2026	QUALYSBLOG