The leading provider of disruptive cloud-based security, compliance and IT solutions.

Joined February 2009
Pinned Tweet
May 19
The @VerizonBusiness 2026 Data Breach Investigations Report (#DBIR) has been published, and the Qualys Threat Research Unit (#TRU) is proud to have served as a research partner. Our four-year CISA KEV survival curve analysis anchors the Survival of the Vulnerable section on page 18, where the DBIR cites our full report. We're grateful to the DBIR team for the collaboration. The analysis draws on more than one billion anonymized vulnerability remediation records across four DBIR reporting cycles. The finding: defenders are running harder than ever and still losing ground. KEV-linked vulnerability instances grew 7.7x in four years, from 68.7M to 527.3M. Median time-to-close held steady at 9 days. Yet at Day 28, the open backlog grew from 31 million instances to 184 million. The patching engine did not slow. The load outran it. What closes the gap is an architectural shift: machine-speed pipelines that route validated, environment-confirmed exposures into autonomous remediation. We call it the Risk Operations Center (ROC). Read our extended analysis, four-year cohort breakdowns, and proactive-defense data in our updated report, The Broken Physics of Remediation: blog.qualys.com/vulnerabilit… #Cybersecurity #VulnerabilityManagement #RiskOperationsCenter
Jun 11
Qualys is at the @AWS Summit New York City this week, proud to stand alongside AWS as a trusted security partner. We deliver continuous discovery across 90 AWS services, deep integration with Amazon Inspector, GuardDuty, Security Hub to name a few — giving security teams the hyper-prioritization, autonomous remediation and AI-speed detection needed to reduce risk at unprecedented speed and scale. Find us at booth #948. The conversation starts here. #AWSSummit #CloudSecurity #AWS #RiskOperations #CyberRisk
Jun 11
With the rise of AI, the risk for AI-driven attacks has escalated, especially in regard to critical infrastructure, government communications, and national defense. In this Federal News Network article, Qualys’ CISO shares how an AI-powered ROC is critical for the future of American federal defense. Furthermore, he breaks down the difference between a traditional security operations center (SOC) compared to a Risk Operations Center (ROC), and applies real-life examples to the need for a strategic pivot in cybersecurity. Read here: 👉 federalnewsnetwork.com/comme… #RiskOperationsCenter #Defense #Cybersecurity
Jun 11
An isolated, vulnerable package looks like a low-priority ticket until an autonomous AI agent uses it to map a direct breach path. Rogue agents (like OpenClaw) are the ultimate shadow risk. Routine alerts often miss them because they can't connect cross-domain dots. To intercept them before lateral movement, map these 4 core signals:
> Endpoint telemetry
> Attack exposure
> Identity context
> Active runtime reachability
Read our blog to see how Qualys ETM connects the dots and unifies your attack surface. - blog.qualys.com/product-tech… #ETM #ETMIdentity #OpenClaw #AISecurity
Jun 11
CVE-2026-50751 is under active exploitation and now on the CISA KEV list. This is an authentication bypass affecting Check Point IKEv1 Remote Access VPN. If you run Check Point gateways, now's the time to look. Qualys customers can use QID 387569 to find affected assets, confirm real exposure, and prioritize patching. Full breakdown on ThreatPROTECT: threatprotect.qualys.com/202… #Qualys #ThreatPROTECT #CheckPoint #VPN #CISAKEV
Jun 10
Join Qualys at the UK's premier Cyber in Health Conference & Exhibition on the 17th June in Manchester, run by the Institute of Government & Public Policy. Learn how healthcare organizations are moving beyond periodic audits to continuous cybersecurity assurance. See how Qualys helps automate compliance, prioritize risk, accelerate remediation, and maintain audit-ready confidence year-round. Need complimentary tickets? Use the code below, and stop by to meet us for a coffee. Discount code – CH-QUALYS Register now - igpp.org.uk/event/Cyber_Heal… #igppCH #qualys
This month's Patch Tuesday addresses 206 vulnerabilities, including 3 zero-day vulnerabilities, and many that affect various Windows & Adobe tools like Copilot, InDesign, and Dreamweaver. Don’t miss the full release summary in our blog post and RSVP for our recap of this month's vulnerabilities and patches on June 11. 🔍 Learn more: blog.qualys.com/?p=40634&pre… #PatchTuesday #Vulnerabilities #Microsoft #Adobe
App exploits are up 44%, costing $4.88M per breach. Yet your vulnerability backlog is growing faster than engineering can pull tickets, and most CISOs get reports of 10,000 "critical" alerts. When everything is critical, nothing is. If you're still buying scanner noise, it's time to pivot to total risk-based prioritization and rebuild your pipeline in 2026.
> Contextualize - Map vulnerabilities directly to revenue-critical assets.
> Validate - Automate verification to prove a bug is actually reachable.
> Consolidate - Merge App and API telemetry to maximize AppSec ROI.
Watch the full webinar to see how Qualys TotalAppSec delivers true risk-based prioritization. bit.ly/43s4N3n #AppSec #APISecurity #QualysTotalAppSec
Which is a bigger risk: an unpatched vulnerability or an autonomous fix? Tomorrow, we launch the latest Cyber Risk Series to help you build a remediation strategy designed for the speed and scale of the post-Mythos era. This is your final opportunity to join the discussion on moving from ticket-driven workflows to continuous, safe risk reduction. Last chance to register: bit.ly/4ujAJDa #RiskManagement #CyberRiskSeries #Automation #Qualys
Cisco warns that a critical privilege escalation vulnerability (CVE-2026-20245) in Catalyst SD-WAN Manager is actively being exploited in the wild. Attackers with valid credentials can inject commands to gain root access and push malicious configuration changes to edge devices. Protect your network orchestration layer by identifying exposed systems immediately. Read the full analysis and find your deployment patch strategy: bit.ly/4exrMQM #Cybersecurity #ThreatIntel #SDWAN
Security teams aren't falling behind because they can't find risk. They're falling behind because they can't remediate it fast enough. As Qualys' Shailesh Athyle explains in his recent ROCon session, enterprises discover thousands more risky exposures each month than they can remediate. With AI-driven discovery and increasingly advanced detection capabilities, that gap continues to grow. The challenge isn't finding more risk—it's turning insight into action and aligning security, IT, and operations around reducing risk faster. Hear his full session & insights here and learn to build your Risk Operations Center (ROC) today: bit.ly/4odYNVE #Mythos #AutonomousRemediation #Cybersecurity
A critical server-side request forgery (SSRF) vulnerability (CVE-2026-20230) has been identified in Cisco Unified Communications Manager (CUCM). If the WebDialer service is enabled, remote attackers can exploit improper input validation to write files to the underlying OS and elevate privileges to root. Protect your collaboration infrastructure by identifying exposed assets and applying the necessary patches immediately. Read the blog - bit.ly/4omdLJi #Cisco #CyberSecurity #Qualysthreatprotection
It’s that time again, the return of our Cyber Risk Series: The Mythos of Autonomous Remediation. As AI accelerates vulnerability discovery, will our fear of breaking systems through autonomous remediation outweigh the risk of leaving them vulnerable? Sumedh Thakar's session, “The Myth of ‘You Can’t Patch Your Way Through Mythos’” will explore how AI rewrites the timeline from exploitation to remediation and the importance of autonomous remediation in cyber risk management. 🔍 Discern between fact & fiction and don’t miss this crucial webinar series featuring our roster of cybersecurity experts. Mark your calendar for June 10 and register now: bit.ly/4ujAJDa #Cybersecurity #AI #CyberRiskSeries
Qualys retweeted
Less than 1% of "critical" vulnerabilities in the average enterprise are actually exploitable. The other 99% consume engineer hours and were never going to hurt anyone. Inside Qualys's bet that most of cybersecurity has been chasing the wrong list. Part of our editorial partnership series with @qualys - the-sourcecode.com/cybersecu…
Qualys retweeted
Built by the Bay Area 🌉 Our 2026 kit is here for you #SparkleArmy, inspired by the Bay for the Bay 🗣️ Head to the link in our bio to get yours today 🔗
Introducing Qualys EOL/EOS Software Detection for Containers. Critical software components are increasingly buried inside container images and Kubernetes workloads, creating invisible technical debt that traditional asset inventory tools miss. With our new deployment-aware capabilities, you can continuously catalog container software, detect unsupported packages, and map lifecycle risks directly to active production workloads. Take a proactive approach to modern cloud governance and secure your application stacks before vendor support runs out. Read our technical breakdown to eliminate container software blind spots: blog.qualys.com/product-tech… #QualysKCS #ContainerSecurity #EOLEOS #softwarecatalog
CISA has added a critical Palo Alto Networks PAN-OS GlobalProtect vulnerability (CVE-2026-0257) to its Known Exploited Vulnerabilities catalog following active wild exploitation. The flaw allows remote, unauthenticated attackers to forge authentication override cookies and bypass security validation to establish unauthorized VPN connections. Read the full technical breakdown: bit.ly/4dSDRQB #qualysthreatprotection #PaloAltoNetworks #CyberSecurity
Notepad has released a security advisory addressing multiple critical vulnerabilities, including two arbitrary code execution flaws. The most severe flaw, CVE-2026-48778, allows attackers to silently run malicious code on a victim's machine via unvalidated config.xml files. Organizations using this popular text editor must upgrade to version v8.9.6.1 immediately to eliminate the exposure. Read the full technical breakdown and find your corresponding Qualys QID here: bit.ly/4dYYlWm #qualysthreatprotection #Notepad #CyberSecurity
91% of engineering teams hit a wall at the exact same stage of scaling microservices. It’s not your scanners. It's handling the noise. How do you know your AppSec program is hitting its breaking point? Here are three indicators:
• Shadow assets explode out of nowhere
• Endless firefighting of sudden zero-day incidents
• Backlogs expand without clear prioritization
Traditional AppSec wasn't built for API-driven scale. Stop managing noise. Start managing risk. Watch the full "Modern AppSec Is Broken" webinar for the fix: bit.ly/4fljFrE #DevSecOps #RiskManagement #CloudSecurity
CISA has added the active Drupal Core SQL injection vulnerability (CVE-2026-9082) to its Known Exploited Vulnerabilities catalog. This flaw allows anonymous attackers using PostgreSQL databases to achieve remote code execution and elevate privileges. Read the full technical breakdown to see the affected versions, remediation steps, and corresponding Qualys QIDs. bit.ly/4vm2J95 #qualysthreatprotection #Drupal #CyberSecurity