Infosecurity Magazine

Patch Management News

Scroll down for all the latest news and information on patch management.

Latest News and Features

High-Severity Flaw in Open WebUI Affects AI Connections

News

Five Key Flaws Exploited in 2025's Major Software Supply Chain Incidents

News Feature

Infosecurity has selected five of the most significant vulnerability exploitation campaigns of 2025 that led to major software supply chain incidents

Google Releases Critical Chrome Security Update to Address Three Zero-Days

News

Google Fixes Zero Click Gemini Enterprise Flaw That Exposed Corporate Data

News

Log4Shell Downloaded 40 Million Times in 2025

News

Sonatype has claimed that 13% of Log4j versions downloaded this year were vulnerable to the legacy critical Log4Shell bug

Microsoft Fixes Three Zero-Days in Final Patch Tuesday of 2025

News

DeadLock Ransomware Uses BYOVD to Evade Security Measures

News

Marquis Software Breach Affects Over 780,000 Nationwide

News

Barts Health Seeks High Court Ban After Oracle EBS Breach

News

Google Releases Patches for Android Zero-Day Flaws Exploited in the Wild

News

Google said it found indications that two newly identified vulnerabilities affecting Android “may be under limited, targeted exploitation”

White Papers

Gcore Radar: DDoS Attack Trends Q3 to Q4, 2023

White Paper

State of Cybersecurity Report 2022

White Paper

Forrester Report: The State of Application Security- 2018

White Paper

On-Demand Webinars

  • Unpacking the Top Vulnerabilities Exploited by Sophisticated Attackers
  • Experiencing a DDoS Simulation to Enhance Defenses
  • How to Pair Threat Hunting and Exploit Intelligence for Better Cybersecurity
  • Mastering Software Supply Chain Security with Strategic Defense Mechanisms
  • Vulnerability Management: Why a Risk-Based Approach is Essential
  • The Infosecurity Magazine End of Year Xmas Quiz (Feat. The Beer Farmers)
  • How to Build Cyber Resilience Across the Entire Workforce
  • Updating Your Active Directory Security to the Modern Threat Environment
  • Why APIs will be the No. 1 Enterprise Attack Vector in 2022
  • Modernizing AppSec and Developer Security Programs

Podcasts

  • ToolShell Deep Dive: The SharePoint Exploit Crisis Uncovered
  • Vulnerability Overload: The NVD and CVE Challenges Ahead

More news and features

CISA Urges Patch of Actively Exploited Flaw in Oracle Identity Manager

News

GlobalLogic Becomes Latest Cl0p Victim After Oracle EBS Attack

News

Microsoft Fixes Windows Kernel Zero Day in November Patch Tuesday

News

Hackers Exploit Critical Flaw in Gladinet's Triofox File Sharing Product

News

CISA Adds Zero-Day Bug Used in Spyware Attacks to KEV

News

CISA has demanded federal agencies patch a zero-day vulnerability affecting Samsung devices used in LandFall spyware attacks

Identity Is Now the Top Source of Cloud Risk

News

New GDI Flaws Could Enable Remote Code Execution in Windows

News

Flaws in Windows Graphics Device Interface (GDI) have been identified that allow remote code execution and information disclosure

Actively Exploited WSUS Bug Added to CISA KEV List

News

Critical WordPress Plugin Bugs Exploited En Masse

News

Threat Actors Ramp Up Public App Exploits as ToolShell Gains Traction

News

ToolShell exploit activity surged last quarter, appearing in over 60% of Cisco Talos IR cases and driving a sharp rise in public-facing application attacks

Blogs

The Budget Effect of a Security Incident

Blog

Energy Operations: Managing Password Security and Continuity

Blog

Next-Gen Infosec

How to Prevent Data Leakages

Next-Gen

Top Cloud Misconceptions that Could Damage Your Organization

Next-Gen

Improve Asset Visibility in OT Security With Hybrid AI-Cloud Approaches

Next-Gen