qualysblog - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
NONE	QUALYSBLOG:CB6A...	Stop Patching at Human Speed: Peer-to-Peer (P2P) Distribution Closes the Remediation Gap Before Attackers Strike_QUALYSBLOG:CB6AB0F22D373D44641F0A459EDB5DFD * * * #### Executive Summary _Knowing what’s exploitable is only half the battle. P2P patch distribution turns your endpoints into a delivery net...	N/A	N/A	Jun 3, 2026	QUALYSBLOG
NONE	QUALYSBLOG:1BBF...	The HazyBeacon Protocol – How Malware Weaponizes Amazon Web Services (AWS) Lambda Function URLs_QUALYSBLOG:1BBF6B5B1C7D340BAA7806C60697CFB8 #### Key Takeaways * HazyBeacon (CL-STA-1020) targets Southeast Asian government networks by abusing AWS Lambda Function URLs configured wit...	N/A	N/A	Jun 2, 2026	QUALYSBLOG
NONE	QUALYSBLOG:1995...	Extending EOL/EOS Software Intelligence Across Containers, Kubernetes, and Modern Workloads_QUALYSBLOG:19950494C35325E8C77647020B48BAA3 #### Key Takeaways * Unsupported software increasingly exists inside container images and Kubernetes workloads, not just traditional infrastruct...	N/A	N/A	May 28, 2026	QUALYSBLOG
MEDIUM 5.5	QUALYSBLOG:E8F4...	CVE-2026-46333: Local Root Privilege Escalation and Credential Disclosure in the Linux Kernel ptrace Path_QUALYSBLOG:E8F42A538BC8BA714502776CC6736B66 The Qualys Threat Research Unit (TRU) has discovered and published the full advisory for CVE-2026-46333, a logic flaw in the Linux kernel's __ptrac...	N/A	N/A	May 20, 2026	QUALYSBLOG
NONE	QUALYSBLOG:E244...	Inside the 2026 Verizon DBIR: What One Billion Records Revealed About Vulnerability Remediation_QUALYSBLOG:E244155A30F1C7712F97F8073D7C9374 The Verizon 2026 Data Breach Investigations Report has been published. Qualys is proud to have served as a research partner and contributor, contri...	N/A	N/A	May 19, 2026	QUALYSBLOG
NONE	QUALYSBLOG:855C...	Achieve Federal-Grade M365 Security: Governing with Qualys SSPM and SCuBA_QUALYSBLOG:855C96831EB1A034498C12E814C39899 **Qualys SaaS Security Posture Management (SSPM) introduces native support for the Secure Cloud Business Applications (SCuBA) compliance framework,...	N/A	N/A	May 14, 2026	QUALYSBLOG
NONE	QUALYSBLOG:9876...	FedRAMP High Authorized: Qualys TotalCloud CNAPP – From Compliance to Defense_QUALYSBLOG:9876D026285E975FEB7911F38A4BE347 **Qualys TotalCloud![™](https://s.w.org/images/core/emoji/17.0.2/72x72/2122.png) has achieved FedRAMP High Authorization, marking a major milestone...	N/A	N/A	May 14, 2026	QUALYSBLOG
CRITICAL 10	QUALYSBLOG:3482...	Microsoft and Adobe Patch Tuesday, May 2026 Security Update Review_QUALYSBLOG:348233F09E51808B6C9DD2C6521FA5C6 May 2026's Patch Tuesday arrives with Microsoft addressing a fresh set of vulnerabilities across its ecosystem, reinforcing the ongoing need for ti...	N/A	N/A	May 12, 2026	QUALYSBLOG
NONE	QUALYSBLOG:61E9...	Bringing AI Code Security into Qualys ETM_QUALYSBLOG:61E9FED3C17DD299CA5DFA5D3304303F ### _A first-class data model for the next generation of findings_ AI-driven code security is becoming a real category. Anthropic's Claude Code Se...	N/A	N/A	May 11, 2026	QUALYSBLOG
HIGH 7.8	QUALYSBLOG:4117...	Dirty Frag: Using the Page Caches as an Attack Surface_QUALYSBLOG:4117DBF9D73BE798BE159CA2C926D4D5 Dirty Frag is a Linux local privilege escalation (LPE) chain published on May 7, 2026. It combines two previously unknown kernel vulnerabilities ca...	N/A	N/A	May 9, 2026	QUALYSBLOG