Security News

Cybersecurity news aggregator

HIGH Updates Web Discovery

OpenSSL patches 12 vulnerabilities, including high-severity RCE flaw

OpenSSL has released security updates addressing 12 vulnerabilities, most notably a critical stack buffer overflow in

Encryption, Vulnerability Management, Patch/Configuration Management

January 30, 2026
By SC Staff

OpenSSL has released security updates addressing 12 vulnerabilities within its open-source cryptographic library. Among these is a high-severity remote code execution (RCE) flaw, with all 12 flaws discovered by cybersecurity firm Aisle, Security Affairs reports.

The vulnerabilities primarily stem from memory safety, parsing robustness, and resource handling issues. The two most severe flaws, CVE-2025-15467 and CVE-2025-11187, involve stack buffer overflows in CMS/PKCS#7 AEAD parsing and PKCS#12 PBMAC1 processing, respectively. These could lead to denial of service (DoS) and potentially RCE.

Other vulnerabilities include NULL pointer dereferences, type-confusion bugs, and out-of-bounds writes across various parsing and handling functions, as well as a logic bug in the CLI signing tool and a TLS 1.3 certificate compression issue causing memory exhaustion. The majority of the remaining 10 flaws are assessed as low severity, mainly impacting availability or integrity in specific scenarios.

Source: Security Affairs