Infosecurity Magazine

Risk and Vulnerability Assessment News

Scroll down for the latest risk and vulnerability assessment news and information.

Latest News and Features

Flaws in Popular Software Development App Extensions Allow Data Exfiltration

News

Future-Proofing Critical Infrastructure: National Gas CTO Darren Curley on IT/OT Security Integration

Interview

In conversation with Infosecurity, National Gas CTO Darren Curley explains why more security solutions don’t always mean better protection

Munich Security Conference: Cyber Threats Lead G7 Risk Index, Disinformation Ranks Third

News

Safeguarding Solar Energy Through Smarter Cybersecurity

Opinion

Solar energy has been recognised by EU Institutions as critical infrastructure. This is what the industry must do to better protect itself from cyber threats.

FIRST Forecasts Record-Breaking 50,000+ CVEs in 2026

News

New Zero-Click Flaw in Claude Desktop Extensions, Anthropic Declines Fix

News

Two Critical Flaws in n8n AI Workflow Automation Platform Allow Complete Takeover

News

Sophos CISO on Software Flaws, Vendor Risk and Secure by Design (video)

Interview

Precision Becomes the New Playbook for Software Supply Chain Attacks

Opinion

Adversaries are adopting a more precise approach to supply chain compromise. Organizations need to rethink what “secure software” really means.

Microsoft Releases Patch for Office Zero Day Amid Evidence of Exploitation

News

White Papers

Gcore Radar: DDoS Attack Trends Q3 to Q4, 2023

White Paper

Steps to Get Ahead of Insider Threats

White Paper

Financial Sector Quarterly Threat Landscape

White Paper

On-Demand Webinars

  • How To Enhance Security Operations with AI-Powered Defenses
  • OT Security Ecosystem for Targeted Risk Reduction and Reporting
  • How to Implement Attack Surface Management in the AI and Cloud Age
  • Auditing AI Risk: Essential Strategies for IT & Compliance Leaders
  • Navigating Exposures in Energy ICS Environments
  • How to Proactively Remediate Rising Web Application Threats
  • How to Optimize Third-Party Risk Management Programs Through NIST CSF 2.0
  • Experiencing a DDoS Simulation to Enhance Defenses
  • How Can the Boardroom Boost Cyber Resilience?

Podcasts

  • How 2025 Shaped the Future of Cybersecurity
  • Can AI Solve the Vulnerability Problem in Critical Infrastructure?
  • Into Security Podcast - Episode 15

More news and features

Zero-Day Exploits Surge, Nearly 30% of Flaws Attacked Before Disclosure

News

Personal LLM Accounts Drive Shadow AI Data Leak Risks

News

NIST, MITRE Partner on $20m AI Centers For Manufacturing and Cybersecurity

News

Top 10 Cyber-Attacks of 2025

News Feature

Discover the most significant cyber-attacks of 2025 in Infosecurity Magazine’s expert roundup

Top 25 Most Dangerous Software Weaknesses of 2025 Revealed

News

Google Releases Critical Chrome Security Update to Address Three Zero-Days

News

Google Fixes Zero Click Gemini Enterprise Flaw That Exposed Corporate Data

News

The flaw, dubbed ‘GeminiJack,’ exploits the trust boundary between user-controlled content in data sources and the AI model’s instruction processing

Google Releases Patches for Android Zero-Day Flaws Exploited in the Wild

News

CISA Urges Patch of Actively Exploited Flaw in Oracle Identity Manager

News

The US cybersecurity agency has added the critical flaw to its Known Exploited Vulnerabilities list

Claude Desktop Extensions Vulnerable to Web-Based Prompt Injection

News

Blogs

Five Single Sign-On Best Practices to Reduce Access Risk in 2026

Blog

Zero Trust and Active Directory: What Modern AD Audits Reveal

Blog

Next-Gen Infosec

How to Prevent Data Leakages

Next-Gen

Top Cloud Misconceptions that Could Damage Your Organization

Next-Gen

Improve Asset Visibility in OT Security With Hybrid AI-Cloud Approaches

Next-Gen