nick, Author at Threat-Modeling.com

Vulnerability Intelligence Report – May 28, 2026

May 28, 2026 by nick

Quick Reference – Active Vulnerabilities and Affected Software Nx Console: CVE-2026-48027 (KEV, due June 10) TanStack: CVE-2026-45321 (KEV, due June 10) Daemon Tools Lite: CVE-2026-8398 … Read More

Threat Intelligence Report – May 27, 2026

May 28, 2026May 27, 2026 by nick

QUICK REFERENCE – Active Vulnerabilities and Affected Software Cisco Catalyst SD-WAN Controller and Manager: CVE-2026-20182, CVE-2026-20127 Palo Alto Networks PAN-OS (User-ID Authentication Portal): CVE-2026-0300 cPanel … Read More

Vulnerability Intelligence Report – May 26, 2026

May 26, 2026 by nick

Quick Summary This report covers the following active vulnerabilities: Ghost CMS – CVE-2026-26980: SQL injection, mass exploitation of 700+ websites KnowledgeDeliver LMS – CVE-2026-5426: ViewState … Read More

Vulnerability Intelligence Report — May 25, 2026

May 31, 2026May 25, 2026 by nick

Threat Intelligence Brief — May 25, 2026 Coverage: May 24–25, 2026 Previous reports: May 23, 2026 | May 22, 2026 | May 21, 2026 New … Read More

Vulnerability Intelligence Report — May 23, 2026

May 31, 2026May 23, 2026 by nick

Threat Intelligence Brief — May 23, 2026 Coverage: May 22–23, 2026 | New CVEs this report: 7 | New supply chain incidents: 2 Previous reports: … Read More

Vulnerability Intelligence Report — May 22, 2026

May 22, 2026 by nick

Threat Intelligence Brief — May 22, 2026 Coverage: May 21-22, 2026 | New CVEs this report: 9 | Updated entries from previous report: 3 Previous … Read More

Vulnerability Intelligence Report — May 21, 2026

May 21, 2026 by nick

🔴 CVE-2026-41091 — Microsoft Defender Privilege Escalation (Actively Exploited) CVE CVE-2026-41091 | CVSS 7.8 HIGH | CWE-59 | CISA KEV — Due 2026-06-03 Fixable? ✅ … Read More

Thinking About the Security Program in Relation to Business and IT

May 18, 2026 by nick

One thing I often miss in security is to see the relationship between the security program x business and the security program x IT. Currently, … Read More

Thinking About the Security Program Maturity and Effectiveness Level Versus the Target Level

May 5, 2026May 5, 2026 by nick

I think we need to think more specifically and explicitly about security program maturity and effectiveness. So how does that work? This diagram highlights the … Read More

CISO Security Mind Map 2026

May 5, 2026 by nick

We’ve updated the CISO Security Mind Map for 2026, continuing in the yearly updates since 2023. Here it is (click to magnify): The top challenges … Read More

nick

Threat Modeling and Security by Design