Infosecurity Magazine

Risk and Vulnerability Assessment News

Scroll down for the latest risk and vulnerability assessment news and information.

Latest News and Features

Microsoft Releases Patch for Office Zero Day Amid Evidence of Exploitation

News

Zero-Day Exploits Surge, Nearly 30% of Flaws Attacked Before Disclosure

News

VulnCheck analysts found that vulnerabilities exploited before being publicly disclosed rose from 23.6% in 2024 to 28.96% in 2025

Personal LLM Accounts Drive Shadow AI Data Leak Risks

News

Lack of visibility and governance around employees using generative AI is resulting in rise in data security risks

NIST, MITRE Partner on $20m AI Centers For Manufacturing and Cybersecurity

News

Top 10 Cyber-Attacks of 2025

News Feature

Top 25 Most Dangerous Software Weaknesses of 2025 Revealed

News

Google Releases Critical Chrome Security Update to Address Three Zero-Days

News

Google has released a Chrome security update to fix three zero-day vulnerabilities, including a high-severity flaw with an active exploit

Google Fixes Zero Click Gemini Enterprise Flaw That Exposed Corporate Data

News

Google Releases Patches for Android Zero-Day Flaws Exploited in the Wild

News

CISA Urges Patch of Actively Exploited Flaw in Oracle Identity Manager

News

Webinars Coming Up

How To Enhance Security Operations with AI-Powered Defenses

White Papers

Gcore Radar: DDoS Attack Trends Q3 to Q4, 2023

White Paper

Steps to Get Ahead of Insider Threats

White Paper

Financial Sector Quarterly Threat Landscape

White Paper

On-Demand Webinars

  • OT Security Ecosystem for Targeted Risk Reduction and Reporting
  • How to Implement Attack Surface Management in the AI and Cloud Age
  • Auditing AI Risk: Essential Strategies for IT & Compliance Leaders
  • Navigating Exposures in Energy ICS Environments
  • How to Proactively Remediate Rising Web Application Threats
  • How to Optimize Third-Party Risk Management Programs Through NIST CSF 2.0
  • Experiencing a DDoS Simulation to Enhance Defenses
  • How Can the Boardroom Boost Cyber Resilience?

Podcasts

  • How 2025 Shaped the Future of Cybersecurity
  • Can AI Solve the Vulnerability Problem in Critical Infrastructure?
  • Into Security Podcast - Episode 15

More news and features

Claude Desktop Extensions Vulnerable to Web-Based Prompt Injection

News

Major Vulnerabilities Found in TP-Link VPN Routers

News

Forescout researchers discovered critical and high-severity vulnerabilities in several TP-Link VPN routers

The CISO's Crucible – Finding Strength in Control

Opinion

Google: Clop Accessed “Significant Amount” of Data in Oracle EBS Exploit

News

Pro-Russia Hacktivists “Claim” Attack on Water Utility Honeypot

News

Hackers Target Unpatched Flaws in Oracle E-Business Suite

News

Broadcom Issues Patches for VMware NSX and vCenter Security Flaws

News

Broadcom has released security patches for critical flaws affecting several VMware products

Chinese Hackers Use 'BRICKSTORM' Backdoor to Breach US Firms

News

The hackers are likely trying to collect data to feed the development of zero-day exploits, said Google researchers

Beyond the Score: Rethinking Vulnerability Management in a Contextual Era

Opinion

Vibe Coding: Managing the Strategic Security Risks of AI-Accelerated Development

Opinion

Blogs

Zero Trust and Active Directory: What Modern AD Audits Reveal

Blog

How to Recover Corrupt MDF File from SQL Server

Blog

Next-Gen Infosec

How to Prevent Data Leakages

Next-Gen

Top Cloud Misconceptions that Could Damage Your Organization

Next-Gen

Improve Asset Visibility in OT Security With Hybrid AI-Cloud Approaches

Next-Gen