Infosecurity Magazine

Penetration Testing News

Scroll down for the latest penetration testing news and information.

Browse other Physical and Information Security Convergence topics

Latest News and Features

Multi-Turn Attacks Expose Weaknesses in Open-Weight LLM Models

News

A new Cisco report exposed large language models to multi-turn adversarial attacks with 90% success rates

Threat Actors Utilize AdaptixC2 for Malicious Payload Delivery

News

Flaw in Slider Revolution Plugin Exposed 4m WordPress Sites

News

Broadcom Issues Patches for VMware NSX and vCenter Security Flaws

News

Broadcom has released security patches for critical flaws affecting several VMware products

Critical Vulnerability in Salesforce AgentForce Exposed

News

Critical CVEs in Chaos-Mesh Enable In-Cluster Code Execution

News

Chinese AI Villager Pen Testing Tool Hits 11,000 PyPI Downloads

News

Malicious VS Code Extensions Exploit Name Reuse Loophole

News

Visual Studio Code extensions have been identified exploiting a loophole that allows reuse of names from removed packages

US and Five Global Partners Release First Unified OT Security Taxonomy

News

#BHUSA: 1000 DoD Contractors Now Covered by NSA’s Free Cyber Services Program

News

White Papers

State of Cybersecurity Report 2022

White Paper

Red Teaming: How to Identify Gaps in Your Security Strategy by Thinking Like the Enemy

White Paper

Pen Test Metrics 2018

White Paper

On-Demand Webinars

  • The Infosecurity Magazine End of Year Xmas Quiz (Feat. The Beer Farmers)
  • Reducing Industrial Cyber Risk Amid Digital Transformation
  • Life of: A Penetration Tester

Podcasts

  • Javvad Malik tells us about his journey from end-user to analyst to vendor & Burnout &mental health in the cybersecurity industry and more.

More news and features

Pwn2Own Offers $1m for Zero-Click WhatsApp Exploit

News

Critical Flaws in WordPress Plugin Leave 10,000 Sites Vulnerable

News

Grok-4 Jailbroken Two Days After Release Using Combined Attack

News

Grok-4 was jailbroken 48 hours post-launch using Echo Chamber and Crescendo attack methods

Red Team Tool Developer Shellter Admits ‘Misuse’ by Adversaries

News

Why One-Off Pen Tests Could Be Leaving You at Risk

Blog

#Infosec2025: Ransomware Drill to Spotlight Water Utility Cyber Risks in ‘Operation 999’

News

Semperis will host an immersive ransomware simulation focused on water utilities during Infosecurity Europe 2025

UK Cyber Essentials Certification Numbers Falling Short

News

The Permanent Digital Pandemic and Resillion's Strategy for a Cyber-Resilient Future

Interview

New Report Highlights Common Passwords in RDP Attacks

News

Report reveals common password use in RDP attacks, highlighting weak credentials remain a major security flaw

Number of Unauthorized Cobalt Strike Copies Plummets 80%

News

Blogs

Elevating SaaS Security with NIST CSF and Agentic AI

Blog

Preparing for the Quantum Future: Lessons from Singapore

Blog

Next-Gen Infosec

How to Prevent Data Leakages

Next-Gen

Top Cloud Misconceptions that Could Damage Your Organization

Next-Gen

Improve Asset Visibility in OT Security With Hybrid AI-Cloud Approaches

Next-Gen