Tenable 블로그
Beating the Mythos clock: Using Tenable Hexa AI custom agents for automated patching
OT 취약성 관리로 사이버-물리 시스템의 기본적 가시성 활용
사일로에서 위험을 관리하는 것을 멈추십시오. 이제 Tenable Vulnerability Management 및 Tenable Security Center에서 사용할 수 있는 VM-Native OT Discovery는 IT 및 OT 도메인 전반에 대한 통합된 가시성을 제공합니다. 통합된 보기에서 모든 자산을 모니터링하고 전체 사이버 노출을 관리합니다.
Claude Mythos: Prepare for your board’s cybersecurity questions about the latest AI model from Anthropic
With the Federal Reserve Chairman meeting with bank CEOs to discuss the security implications of Claude Mythos, you can bet that your board of directors will ask you about the impact of the AI model on your cybersecurity strategy. Here’s how to prepare.
Microsoft’s April 2026 Patch Tuesday Addresses 163 CVEs (CVE-2026-32201)
Microsoft addresses 163 CVEs in the April 2026 Patch Tuesday release, including two zero-day vulnerabilities, one of which was exploited in the wild.
Crushing the Axios supply chain threat with Tenable Hexa AI: Use cases for agentic AI
See how you can use Tenable Hexa AI to determine in minutes if you're impacted by the Axios npm supply chain attack. Learn how easy it is to automate configuration of scans, identify impacted assets, prioritize remediation, and more using agentic AI from Tenable.
What to Know About CyberAv3ngers: The IRGC-Linked Group Targeting Critical Infrastructure
An Iran-affiliated threat group has evolved from defacing water utility displays to deploying custom ICS malware and exploiting Rockwell Automation PLCs across multiple U.S. critical infrastructure sectors.
CVE-2026-35616: Fortinet FortiClientEMS improper access control vulnerability exploited in the wild
Exploitation has been observed for CVE-2026-35616, a critical improper access control zero-day vulnerability affecting Fortinet FortiClientEMS devices.
The developer credential economy: Why exposure data is the new front line in the supply chain war
Recent supply chain attacks have highlighted an urgent need for organizations to shift from a reactive security posture to a preemptive exposure management strategy. Learn why endpoint detection and response tools don’t have you covered when highly privileged developer credentials get exposed.
Frequently Asked Questions About the Axios npm Supply Chain Attack by North Korea-Nexus Threat Actor UNC1069
A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access trojan to potentially millions of developer environments during a three-hour window on March 31.
Supply chain attack on Axios npm package: Scope, impact, and remediations
The Axios npm package has been compromised in a supply chain attack that uploaded new versions of the package containing malicious code. Any environment that downloaded these compromised Axios versions is at risk of severe data theft. Scan your environment now.