Infosecurity Magazine

Risk and Vulnerability Assessment News

Scroll down for the latest risk and vulnerability assessment news and information.

Latest News and Features

Top 10 Cyber-Attacks of 2025

News Feature

Top 25 Most Dangerous Software Weaknesses of 2025 Revealed

News

MITRE has released its Top 25 CWE list for 2025, compiled from software and hardware flaws behind almost 40,000 CVEs

Google Releases Critical Chrome Security Update to Address Three Zero-Days

News

Google Fixes Zero Click Gemini Enterprise Flaw That Exposed Corporate Data

News

The flaw, dubbed ‘GeminiJack,’ exploits the trust boundary between user-controlled content in data sources and the AI model’s instruction processing

Google Releases Patches for Android Zero-Day Flaws Exploited in the Wild

News

CISA Urges Patch of Actively Exploited Flaw in Oracle Identity Manager

News

Claude Desktop Extensions Vulnerable to Web-Based Prompt Injection

News

Major Vulnerabilities Found in TP-Link VPN Routers

News

The CISO's Crucible – Finding Strength in Control

Opinion

Deloitte's Peter Gooch discusses how CISOs can overcome the immense strains and challenges of their roles

Google: Clop Accessed “Significant Amount” of Data in Oracle EBS Exploit

News

White Papers

Gcore Radar: DDoS Attack Trends Q3 to Q4, 2023

White Paper

Steps to Get Ahead of Insider Threats

White Paper

Financial Sector Quarterly Threat Landscape

White Paper

On-Demand Webinars

  • OT Security Ecosystem for Targeted Risk Reduction and Reporting
  • How to Implement Attack Surface Management in the AI and Cloud Age
  • Auditing AI Risk: Essential Strategies for IT & Compliance Leaders
  • Navigating Exposures in Energy ICS Environments
  • How to Proactively Remediate Rising Web Application Threats
  • How to Optimize Third-Party Risk Management Programs Through NIST CSF 2.0
  • Experiencing a DDoS Simulation to Enhance Defenses
  • How Can the Boardroom Boost Cyber Resilience?
  • Forward-Thinking Practices to Manage IT Risk
  • Vulnerability Management: Why a Risk-Based Approach is Essential

Podcasts

  • How 2025 Shaped the Future of Cybersecurity
  • Can AI Solve the Vulnerability Problem in Critical Infrastructure?
  • Into Security Podcast - Episode 15

More news and features

Pro-Russia Hacktivists “Claim” Attack on Water Utility Honeypot

News

Hackers Target Unpatched Flaws in Oracle E-Business Suite

News

Broadcom Issues Patches for VMware NSX and vCenter Security Flaws

News

Chinese Hackers Use 'BRICKSTORM' Backdoor to Breach US Firms

News

The hackers are likely trying to collect data to feed the development of zero-day exploits, said Google researchers

Beyond the Score: Rethinking Vulnerability Management in a Contextual Era

Opinion

Vibe Coding: Managing the Strategic Security Risks of AI-Accelerated Development

Opinion

CISA Launches Roadmap for the CVE Program

News

The US cybersecurity agency called for the CVE program to remain publicly maintained and vendor-neutral while emphasizing the need for broader engagement

Adobe Releases Emergency Patch for Critical Flaw in Commerce and Magento

News

Two Zero-Days Among Patch Tuesday CVEs This Month

News

Microsoft has fixed over 80 vulnerabilities including two publicly disclosed zero-days in its latest Patch Tuesday release

US and 14 Allies Release Joint Guidance on Software Bill of Materials

News

Blogs

The Budget Effect of a Security Incident

Blog

Energy Operations: Managing Password Security and Continuity

Blog

Next-Gen Infosec

How to Prevent Data Leakages

Next-Gen

Top Cloud Misconceptions that Could Damage Your Organization

Next-Gen

Improve Asset Visibility in OT Security With Hybrid AI-Cloud Approaches

Next-Gen