patch management

4 posts

The kernel commit lands. Your fleet is exposed.

Linux kernel CVEs publish without distro pre-notice. The exposure window opens at upstream commit, not at advisory. Measure the right number.

May 7, 2026

Article

Chrome's fourth 2026 zero-day ships mid-cycle

Google's fourth exploited Chrome zero-day of 2026 patches a V8 type confusion bug. The real risk is the patch-to-deployment window.

May 3, 2026

Article

CISA flagged a 17-year-old Excel flaw

A 17 year old Excel flaw is being actively exploited and flagged by US cyber defence. Operator analysis of what failed, why, and what must change.

Apr 27, 2026

Article

April 16 Cisco patches changed your threat model

Cisco's April 2026 patch wave includes seven Critical CVEs including a CVSS 10.0 RCE in FMC. Triage, detection, and architectural fixes for enterprise CISOs.

Apr 13, 2026