Infosecurity Magazine

Penetration Testing News

Scroll down for the latest penetration testing news and information.

Browse other Physical and Information Security Convergence topics

Latest News and Features

OpenAI Enhances Defensive Models to Mitigate Cyber-Threats

News

Multi-Turn Attacks Expose Weaknesses in Open-Weight LLM Models

News

Threat Actors Utilize AdaptixC2 for Malicious Payload Delivery

News

Flaw in Slider Revolution Plugin Exposed 4m WordPress Sites

News

A flaw in the Slider Revolution plugin has exposed millions of WordPress sites to unauthorized file access

Broadcom Issues Patches for VMware NSX and vCenter Security Flaws

News

Broadcom has released security patches for critical flaws affecting several VMware products

Critical Vulnerability in Salesforce AgentForce Exposed

News

Critical CVEs in Chaos-Mesh Enable In-Cluster Code Execution

News

Chinese AI Villager Pen Testing Tool Hits 11,000 PyPI Downloads

News

Malicious VS Code Extensions Exploit Name Reuse Loophole

News

Visual Studio Code extensions have been identified exploiting a loophole that allows reuse of names from removed packages

US and Five Global Partners Release First Unified OT Security Taxonomy

News

White Papers

State of Cybersecurity Report 2022

White Paper

Red Teaming: How to Identify Gaps in Your Security Strategy by Thinking Like the Enemy

White Paper

Pen Test Metrics 2018

White Paper

On-Demand Webinars

  • The Infosecurity Magazine End of Year Xmas Quiz (Feat. The Beer Farmers)
  • Reducing Industrial Cyber Risk Amid Digital Transformation
  • Life of: A Penetration Tester

Podcasts

  • Javvad Malik tells us about his journey from end-user to analyst to vendor & Burnout &mental health in the cybersecurity industry and more.

More news and features

#BHUSA: 1000 DoD Contractors Now Covered by NSA’s Free Cyber Services Program

News

Pwn2Own Offers $1m for Zero-Click WhatsApp Exploit

News

Critical Flaws in WordPress Plugin Leave 10,000 Sites Vulnerable

News

Grok-4 Jailbroken Two Days After Release Using Combined Attack

News

Grok-4 was jailbroken 48 hours post-launch using Echo Chamber and Crescendo attack methods

Red Team Tool Developer Shellter Admits ‘Misuse’ by Adversaries

News

Why One-Off Pen Tests Could Be Leaving You at Risk

Blog

#Infosec2025: Ransomware Drill to Spotlight Water Utility Cyber Risks in ‘Operation 999’

News

UK Cyber Essentials Certification Numbers Falling Short

News

The Permanent Digital Pandemic and Resillion's Strategy for a Cyber-Resilient Future

Interview

In conversation with Infosecurity, Antonio Russu, Head of Cybersecurity, Resillion, underscores the necessity of cultivating a robust cybersecurity culture, akin to the societal approaches employed during the Covid-19 pandemic

New Report Highlights Common Passwords in RDP Attacks

News

Report reveals common password use in RDP attacks, highlighting weak credentials remain a major security flaw

Blogs

Energy Operations: Managing Password Security and Continuity

Blog

Securing AI for Cyber Resilience: Building Trustworthy and Secure AI Systems

Blog

Next-Gen Infosec

How to Prevent Data Leakages

Next-Gen

Top Cloud Misconceptions that Could Damage Your Organization

Next-Gen

Improve Asset Visibility in OT Security With Hybrid AI-Cloud Approaches

Next-Gen