Penetration Testing News

Scroll down for the latest penetration testing news and information.

Browse other Physical and Information Security Convergence topics

Don’t Miss Out!

Subscribe to our weekly newsletter for the latest in industry news, expert insights, dedicated information security content and online events.

OpenAI Enhances Defensive Models to Mitigate Cyber-Threats

News11 December 2025

Multi-Turn Attacks Expose Weaknesses in Open-Weight LLM Models

News6 November 2025

Threat Actors Utilize AdaptixC2 for Malicious Payload Delivery

News30 October 2025

Cybercriminals are abusing AdaptixC2, a legitimate emulation framework, in ransomware campaigns

Flaw in Slider Revolution Plugin Exposed 4m WordPress Sites

News15 October 2025

Broadcom Issues Patches for VMware NSX and vCenter Security Flaws

News1 October 2025

Broadcom has released security patches for critical flaws affecting several VMware products

Critical Vulnerability in Salesforce AgentForce Exposed

News25 September 2025

Critical CVEs in Chaos-Mesh Enable In-Cluster Code Execution

News17 September 2025

A trio of critical vulnerabilities in the Chaos-Mesh platform allow in-cluster attackers to run arbitrary code, even in default configuration

Chinese AI Villager Pen Testing Tool Hits 11,000 PyPI Downloads

News16 September 2025

Malicious VS Code Extensions Exploit Name Reuse Loophole

News28 August 2025

US and Five Global Partners Release First Unified OT Security Taxonomy

News15 August 2025

Don’t miss out!

Subscribe to our weekly newsletter for the latest in industry news, expert insights, dedicated information security content and online events.

White Papers

State of Cybersecurity Report 2022

White Paper26 May 2022

Red Teaming: How to Identify Gaps in Your Security Strategy by Thinking Like the Enemy

White Paper9 January 2019

Pen Test Metrics 2018

White Paper27 July 2018

On-Demand Webinars

What’s Hot on Infosecurity Magazine?

Malware Discovered in 19 Visual Studio Code Extensions

News11 December 2025

Google Releases Critical Chrome Security Update to Address Three Zero-Days

News11 December 2025

Pro-Russia Hackers Target US Critical Infrastructure in New Wave

News10 December 2025

Microsoft Fixes Three Zero-Days in Final Patch Tuesday of 2025

News10 December 2025

UK NCSC Raises Alarms Over Prompt Injection Attacks

News9 December 2025

Critical PickleScan Vulnerabilities Expose AI Model Supply Chains

News2 December 2025

Gartner Calls For Pause on AI Browser Use

News9 December 2025

China-Linked Warp Panda Targets North American Firms in Espionage Campaign

News5 December 2025

Hacker-Tested, Security-Leader Approved: Five Steps to Stop Modern Fraud

Opinion5 December 2025

React2Shell Under Active Exploitation by China-Nexus Hackers

News8 December 2025

Pro-Russia Hackers Target US Critical Infrastructure in New Wave

News10 December 2025

Log4Shell Downloaded 40 Million Times in 2025

News10 December 2025

Revisiting CIA: Developing Your Security Strategy in the SaaS Shared Reality

Webinar15:00 — 16:00, 11 December 2025

Risk-Based IT Compliance: The Case for Business-Driven Cyber Risk Quantification

Webinar15:00 — 16:00, 23 October 2025

Exposing AI’s Blind Spots: Security vs Safety in the Age of Gen AI

Webinar12:30 — 13:30, 13 November 2025

How Mid-Market Businesses Can Leverage Microsoft Security for Proactive Defenses

Webinar15:00 — 16:00, 6 November 2025

Mastering Identity and Access for Non-Human Cloud Entities

Webinar14:00 — 16:00, 18 September 2025

Cyber Defense in the Age of AI: Stay Ahead of Threats Without Compromising Safety

Webinar15:00 — 16:00, 24 July 2025

Regulating AI: Where Should the Line Be Drawn?

Opinion12 November 2025

What Is Vibe Coding? Collins’ Word of the Year Spotlights AI’s Role and Risks in Software

News Feature11 November 2025

Risk-Based IT Compliance: The Case for Business-Driven Cyber Risk Quantification

Webinar15:00 — 16:00, 23 October 2025

Bridging the Divide: Actionable Strategies to Secure Your SaaS Environments

Blog7 November 2025

NCSC Set to Retire Web Check and Mail Check Tools

News10 November 2025

Beyond Bug Bounties: How Private Researchers Are Taking Down Ransomware Operations

Podcast4 November 2025

Podcasts

#BHUSA: 1000 DoD Contractors Now Covered by NSA’s Free Cyber Services Program

News7 August 2025

Pwn2Own Offers $1m for Zero-Click WhatsApp Exploit

News4 August 2025

The Pwn2Own competition is offering a $1m reward to any teams able to unearth a WhatsApp code execution exploit

Critical Flaws in WordPress Plugin Leave 10,000 Sites Vulnerable

News28 July 2025

Grok-4 Jailbroken Two Days After Release Using Combined Attack

News14 July 2025

Red Team Tool Developer Shellter Admits ‘Misuse’ by Adversaries

News8 July 2025

Why One-Off Pen Tests Could Be Leaving You at Risk

Blog24 June 2025

#Infosec2025: Ransomware Drill to Spotlight Water Utility Cyber Risks in ‘Operation 999’

News2 June 2025

UK Cyber Essentials Certification Numbers Falling Short

News8 May 2025

The UK government is set to prioritize increasing the number of UK organizations who are Cyber Essentials certified over the coming year

The Permanent Digital Pandemic and Resillion's Strategy for a Cyber-Resilient Future

Interview10 April 2025

New Report Highlights Common Passwords in RDP Attacks

News18 March 2025

Report reveals common password use in RDP attacks, highlighting weak credentials remain a major security flaw

Infosecurity Magazine

Penetration Testing News

Browse other Physical and Information Security Convergence topics

Don’t Miss Out!

Latest News and Features

Don’t miss out!

White Papers

On-Demand Webinars

What’s Hot on Infosecurity Magazine?

Podcasts

More news and features

Blogs

Next-Gen Infosec