Vulnerabilities
Blog
Security Alert: Vercel Breach Results in Compromised Customer Credentials
Coalition notified policyholders of a breach that allowed unauthorized access to certain internal systems of Vercel, a cloud development platform.
Blog
Boundary Devices and Plugins Prompt Timely Remediation
Explore Coalition’s Zero-Day Alerts by the numbers to learn which technologies drive high-risk vulnerabilities, how we operate as an early-warning system, and when we decide to alert.
Blog
The Patchwork Dilemma: Why the Cycle of Reactive Security Must End
Break the cycle of vendor-introduced risk by demanding better tech accountability and transitioning to modern architectures built for cyber resilience.
Blog
Patch Immediately: Critical Vulnerability Dubbed 'React2Shell'
Coalition notified policyholders about a new critical vulnerability impacting React and Next.js applications that allows RCE without authentication.
Blog
Risky Tech Ranking: Q3 2025 Updates
See how Coalition’s Risky Tech Ranking evolved in Q3 2025 with updates on the number of vendors scored, contributing vulnerabilities, Vendor Scores, and more.
Blog
Why We Acquired Wirespeed
How Coalition's acquisition of Wirespeed, an industry-leading cybersecurity platform, will enhance its suite of cyber risk management tools.
Blog
Predicting Real-World Exploitation with Coalition ESS
The Coalition Exploit Scoring System provides predictive insights that enhance vulnerability management without replacing human judgment or threat intelligence.
Blog
It’s Time to Say Goodbye to On-Premises Microsoft Exchange
Businesses are urged to migrate away from Microsoft Exchange to a secure cloud or hosted email solution that’s built for the way we work today.
Blog
Two New Cisco ASA Vulnerabilities Actively Exploited in the Wild
Coalition notified policyholders about two critical vulnerabilities in Cisco’s Secure Firewall Adaptive Security Appliance.
Blog
Risky Tech Ranking: Q2 2025 Updates
See how Coalition’s Risky Tech Ranking evolved in Q2 2025 with updates on the number of vendors scored, contributing vulnerabilities, and more.
Blog
Citrix NetScaler RCE Vulnerability Exploited in Zero-Day Attacks
Coalition notified policyholders about a critical remote code execution vulnerability in Citrix’s NetScaler products that is already being exploited in the wild.
Blog
Taking Responsibility in the Age of Non-Stop CVEs
Like other types of insurance, cyber coverage is meant to ease the financial burden of unforeseen events, not to erase accountability altogether.
Blog
UK Government Issues Response to Public Ransomware Consultation
Coalition shares its perspective after the UK government published its official response to the public consultation on ransomware legislation.
Blog
Security Alert: Microsoft SharePoint Zero-Day Vulnerability Under Attack
Coalition notified policyholders about a critical zero-day vulnerability in Microsoft’s SharePoint, urging immediate patching and removal from the internet.
Blog
Fortinet SSL VPN Decision Presents New Risks
Fortinet’s decision to end support for its SSL VPN technology is creating new challenges for businesses that depend on the remote access technology.
