Tenable blog

Featured

September 30, 2025

The Trifecta: How Three New Gemini Vulnerabilities in Cloud Assist, Search Model, and Browsing Allowed Private Data Exfiltration

Tenable Research discovered three vulnerabilities (now remediated) within Google’s Gemini AI assistant suite, which we dubbed the Gemini Trifecta. These vulnerabilities exposed users to severe privacy risks. They made Gemini vulnerable to search-injection attacks on its Search Personalization Model; log-to-prompt injection attacks against Gemini Cloud Assist; and exfiltration of the user’s saved information and location data via the Gemini Browsing Tool.

Liv Matan

May 4, 2022

Manage and Remediate Cloud Infrastructure Misconfiguration Vulnerabilities with Tenable.cs and HashiCorp Terraform Cloud

Cloud breaches are on the upswing due to preventable misconfigurations. Here’s how you can lower your risk with a new integration between Tenable.cs and Terraform Cloud.

Cesar Rodriguez

May 3, 2022

How to Choose a Modern CSPM Tool to Reduce Your Cloud Infrastructure Risk

Cloud Security Posture Management solutions have become a must for detecting and fixing misconfigurations in public clouds — from code to runtime.

Team Tenable

April 27, 2022

IDC Ranks Tenable Number One in Worldwide Device Vulnerability Management Market Share for 2020

The research firm’s latest report also provides market insights security professionals can use to improve their vulnerability management strategy.

Lindsay Schwartz

April 25, 2022

Test Your Hacking Skills: Join Tenable’s Annual CTF Competition!

Tenable launches the 2022 Capture the Flag event for the security community, running from June 9-13. Get ready to test your hacking skills, practice new ones and see how you measure up against others in the industry by joining this year’s Capture the Flag event. Each year, Tenable hosts its&nbsp…

Team Tenable

April 21, 2022

Verizon’s Data Breach Report – Insights for Cloud Security Professionals

Select highlights from Verizon’s recent Data Breach Investigations Report that may interest cloud security professionals — and suggested actions to take.

Team Tenable

April 21, 2022

Hot Patches for Log4Shell Introduced Multiple Vulnerabilities in Amazon Web Services

Hot Patches for Log4Shell Introduced Multiple Vulnerabilities in Amazon Web Services Amazon Web Services has addressed vulnerabilities introduced by the hot patches released in response to the Log4Shell vulnerability in December. Background On April 19, researchers with Palo Alto’s…

Claire Tills

April 20, 2022

Oracle April 2022 Critical Patch Update Addresses 221 CVEs

Oracle addresses 221 CVEs in its second quarterly update of 2022 with 520 patches, including 27 critical updates.

Tenable Security Response Team

April 20, 2022

You’ve Migrated Business-Critical Functions to the Cloud…Now What?

An expanding attack surface demands a robust cybersecurity strategy. Here’s what you need to know.

Giuliana Carullo

April 12, 2022

Microsoft’s April 2022 Patch Tuesday Addresses 117 CVEs (CVE-2022-24521)

Microsoft’s April 2022 Patch Tuesday Addresses 117 CVEs (CVE-2022-24521) Microsoft addresses 117 CVEs in its April 2022 Patch Tuesday release, including two zero-day vulnerabilities, one of which was exploited in the wild and reported to Microsoft by the National Security Agency. …

Tenable Security Response Team

Tenable One Exposure Management Platform

Platform categories

Platform capabilities

Cloud Exposure

Vulnerability Exposure

AI Exposure

OT/IoT Exposure

Identity Exposure

Business needs

Industries

Compliance

Public Sector

The Tenable difference

Compare Tenable to:

Resources

Research

Tenable Assure partners

Other partner opportunities

Support

Services

Tenable Trust

About us

Media

Connect

Join us

Tenable blog

The Trifecta: How Three New Gemini Vulnerabilities in Cloud Assist, Search Model, and Browsing Allowed Private Data Exfiltration

Manage and Remediate Cloud Infrastructure Misconfiguration Vulnerabilities with Tenable.cs and HashiCorp Terraform Cloud

How to Choose a Modern CSPM Tool to Reduce Your Cloud Infrastructure Risk

IDC Ranks Tenable Number One in Worldwide Device Vulnerability Management Market Share for 2020

Test Your Hacking Skills: Join Tenable’s Annual CTF Competition!

Verizon’s Data Breach Report – Insights for Cloud Security Professionals

Hot Patches for Log4Shell Introduced Multiple Vulnerabilities in Amazon Web Services

Oracle April 2022 Critical Patch Update Addresses 221 CVEs

You’ve Migrated Business-Critical Functions to the Cloud…Now What?

Microsoft’s April 2022 Patch Tuesday Addresses 117 CVEs (CVE-2022-24521)

A Look Inside the Ransomware Ecosystem

Tenable blog

Cybersecurity news you can use

Thank you for subscribing!

A Look Inside the Ransomware Ecosystem

Tenable Vulnerability Management

Tenable Vulnerability Management

Thank You

Tenable Vulnerability Management

Tenable Vulnerability Management

Thank you

Tenable Vulnerability Management

Tenable Vulnerability Management

Thank you

Try Tenable Web App Scanning

Buy Tenable Web App Scanning

Thank you

Request a demo of Tenable Security Center

Request a demo of Tenable OT Security

Request a demo

Request a demo of Tenable Cloud Security

See Tenable One in action

Get started with Tenable AI Exposure

See Tenable Attack Surface Management in action

Get a demo of Tenable Enclave Security

Thank You

Try Tenable Nessus Professional free

Buy Tenable Nessus Professional

Try Tenable Nessus Expert free

Buy Tenable Nessus Expert

Learn How Tenable Helps Achieve SLCGP Cybersecurity Plan Requirements

Get a demo of Tenable Patch Management

Contact a sales representative

See
Tenable One
in action