Risk and Vulnerability Assessment News

Scroll down for the latest risk and vulnerability assessment news and information.

Browse other Risk Management topics

Don’t Miss Out!

Subscribe to our weekly newsletter for the latest in industry news, expert insights, dedicated information security content and online events.

Top 10 Cyber-Attacks of 2025

News Feature16 December 2025

Discover the most significant cyber-attacks of 2025 in Infosecurity Magazine’s expert roundup

Top 25 Most Dangerous Software Weaknesses of 2025 Revealed

News15 December 2025

MITRE has released its Top 25 CWE list for 2025, compiled from software and hardware flaws behind almost 40,000 CVEs

Google Releases Critical Chrome Security Update to Address Three Zero-Days

News11 December 2025

Google Fixes Zero Click Gemini Enterprise Flaw That Exposed Corporate Data

News10 December 2025

Google Releases Patches for Android Zero-Day Flaws Exploited in the Wild

News2 December 2025

CISA Urges Patch of Actively Exploited Flaw in Oracle Identity Manager

News24 November 2025

Claude Desktop Extensions Vulnerable to Web-Based Prompt Injection

News5 November 2025

Major Vulnerabilities Found in TP-Link VPN Routers

News23 October 2025

The CISO's Crucible – Finding Strength in Control

Opinion17 October 2025

Google: Clop Accessed “Significant Amount” of Data in Oracle EBS Exploit

News10 October 2025

GTIG highlighted indicators that Clop is behind the extortion campaign targeting Oracle EBS instances, with its activity likely beginning as early as August 9

Don’t miss out!

Subscribe to our weekly newsletter for the latest in industry news, expert insights, dedicated information security content and online events.

White Papers

Gcore Radar: DDoS Attack Trends Q3 to Q4, 2023

White Paper20 March 2024

Steps to Get Ahead of Insider Threats

White Paper21 July 2022

Financial Sector Quarterly Threat Landscape

White Paper7 July 2022

On-Demand Webinars

What’s Hot on Infosecurity Magazine?

Phishing Messages and Social Scams Flood Users Ahead of Christmas

News16 December 2025

Third Defendant Pleads Guilty in Fantasy Sports Betting Hack Case

News15 December 2025

Portugal Revises Cybercrime Law to Protect Security Researchers

News8 December 2025

Top 10 Cyber-Attacks of 2025

News Feature16 December 2025

Russian Phishing Campaign Delivers Phantom Stealer Via ISO Files

News15 December 2025

Asahi to Launch Cybersecurity Overhaul After Crippling Cyber-Attack

News15 December 2025

Hacker-Tested, Security-Leader Approved: Five Steps to Stop Modern Fraud

Opinion5 December 2025

“Cyber Tax” Warning as Two-Fifths of SMBs Raise Prices After Breach

News11 December 2025

Pro-Russia Hackers Target US Critical Infrastructure in New Wave

News10 December 2025

Log4Shell Downloaded 40 Million Times in 2025

News10 December 2025

Critical PickleScan Vulnerabilities Expose AI Model Supply Chains

News2 December 2025

Malware Manipulates AI Detection in Latest npm Package Breach

News1 December 2025

Revisiting CIA: Developing Your Security Strategy in the SaaS Shared Reality

Webinar15:00 — 16:00, 11 December 2025

Cyber Defense in the Age of AI: Stay Ahead of Threats Without Compromising Safety

Webinar15:00 — 16:00, 24 July 2025

Exposing AI’s Blind Spots: Security vs Safety in the Age of Gen AI

Webinar12:30 — 13:30, 13 November 2025

Risk-Based IT Compliance: The Case for Business-Driven Cyber Risk Quantification

Webinar15:00 — 16:00, 23 October 2025

Mastering Emerging Regulations: DORA, NIS2 and AI Act Compliance

Webinar15:00 — 16:00, 17 July 2025

Predicting and Prioritizing Cyber Attacks Using Threat Intelligence

Webinar15:00 — 16:00, 26 June 2025

Regulating AI: Where Should the Line Be Drawn?

Opinion12 November 2025

What Is Vibe Coding? Collins’ Word of the Year Spotlights AI’s Role and Risks in Software

News Feature11 November 2025

Risk-Based IT Compliance: The Case for Business-Driven Cyber Risk Quantification

Webinar15:00 — 16:00, 23 October 2025

Bridging the Divide: Actionable Strategies to Secure Your SaaS Environments

Blog7 November 2025

NCSC Set to Retire Web Check and Mail Check Tools

News10 November 2025

Beyond Bug Bounties: How Private Researchers Are Taking Down Ransomware Operations

Podcast4 November 2025

Podcasts

Pro-Russia Hacktivists “Claim” Attack on Water Utility Honeypot

News10 October 2025

Hackers Target Unpatched Flaws in Oracle E-Business Suite

News3 October 2025

Broadcom Issues Patches for VMware NSX and vCenter Security Flaws

News1 October 2025

Chinese Hackers Use 'BRICKSTORM' Backdoor to Breach US Firms

News25 September 2025

Beyond the Score: Rethinking Vulnerability Management in a Contextual Era

Opinion19 September 2025

Action1's Gene Moody argues that managing vulnerabilities goes far beyond chasing high CVSS scores

Vibe Coding: Managing the Strategic Security Risks of AI-Accelerated Development

Opinion17 September 2025

Murali Sastry says vibe coding is the future, but only for those prepared to manage its security risks

CISA Launches Roadmap for the CVE Program

News11 September 2025

The US cybersecurity agency called for the CVE program to remain publicly maintained and vendor-neutral while emphasizing the need for broader engagement

Adobe Releases Emergency Patch for Critical Flaw in Commerce and Magento

News10 September 2025

Two Zero-Days Among Patch Tuesday CVEs This Month

News10 September 2025

US and 14 Allies Release Joint Guidance on Software Bill of Materials

News5 September 2025

Blogs

The Budget Effect of a Security Incident

Blog15 December 2025

Energy Operations: Managing Password Security and Continuity

Blog9 December 2025

Next-Gen Infosec

How to Prevent Data Leakages

Next-Gen11 August 2023

Top Cloud Misconceptions that Could Damage Your Organization

Next-Gen4 August 2023

Improve Asset Visibility in OT Security With Hybrid AI-Cloud Approaches

Next-Gen21 July 2023