Infosecurity Magazine

Risk and Vulnerability Assessment News

Scroll down for the latest risk and vulnerability assessment news and information.

Latest News and Features

Top 25 Most Dangerous Software Weaknesses of 2025 Revealed

News

Google Releases Critical Chrome Security Update to Address Three Zero-Days

News

Google has released a Chrome security update to fix three zero-day vulnerabilities, including a high-severity flaw with an active exploit

Google Fixes Zero Click Gemini Enterprise Flaw That Exposed Corporate Data

News

The flaw, dubbed ‘GeminiJack,’ exploits the trust boundary between user-controlled content in data sources and the AI model’s instruction processing

Google Releases Patches for Android Zero-Day Flaws Exploited in the Wild

News

CISA Urges Patch of Actively Exploited Flaw in Oracle Identity Manager

News

Claude Desktop Extensions Vulnerable to Web-Based Prompt Injection

News

Major Vulnerabilities Found in TP-Link VPN Routers

News

Forescout researchers discovered critical and high-severity vulnerabilities in several TP-Link VPN routers

The CISO's Crucible – Finding Strength in Control

Opinion

Google: Clop Accessed “Significant Amount” of Data in Oracle EBS Exploit

News

Pro-Russia Hacktivists “Claim” Attack on Water Utility Honeypot

News

White Papers

Gcore Radar: DDoS Attack Trends Q3 to Q4, 2023

White Paper

Steps to Get Ahead of Insider Threats

White Paper

Financial Sector Quarterly Threat Landscape

White Paper

On-Demand Webinars

  • OT Security Ecosystem for Targeted Risk Reduction and Reporting
  • How to Implement Attack Surface Management in the AI and Cloud Age
  • Auditing AI Risk: Essential Strategies for IT & Compliance Leaders
  • Navigating Exposures in Energy ICS Environments
  • How to Proactively Remediate Rising Web Application Threats
  • How to Optimize Third-Party Risk Management Programs Through NIST CSF 2.0
  • Experiencing a DDoS Simulation to Enhance Defenses
  • How Can the Boardroom Boost Cyber Resilience?
  • Forward-Thinking Practices to Manage IT Risk
  • Vulnerability Management: Why a Risk-Based Approach is Essential

Podcasts

  • How 2025 Shaped the Future of Cybersecurity
  • Can AI Solve the Vulnerability Problem in Critical Infrastructure?
  • Into Security Podcast - Episode 15

More news and features

Hackers Target Unpatched Flaws in Oracle E-Business Suite

News

Broadcom Issues Patches for VMware NSX and vCenter Security Flaws

News

Broadcom has released security patches for critical flaws affecting several VMware products

Chinese Hackers Use 'BRICKSTORM' Backdoor to Breach US Firms

News

Beyond the Score: Rethinking Vulnerability Management in a Contextual Era

Opinion

Vibe Coding: Managing the Strategic Security Risks of AI-Accelerated Development

Opinion

CISA Launches Roadmap for the CVE Program

News

Adobe Releases Emergency Patch for Critical Flaw in Commerce and Magento

News

The vulnerability, dubbed SessionReaper, allows customer account takeover and unauthenticated remote code execution

Two Zero-Days Among Patch Tuesday CVEs This Month

News

Microsoft has fixed over 80 vulnerabilities including two publicly disclosed zero-days in its latest Patch Tuesday release

US and 14 Allies Release Joint Guidance on Software Bill of Materials

News

CMS Provider Sitecore Patches Exploited Critical Zero Day

News

Blogs

The Budget Effect of a Security Incident

Blog

Energy Operations: Managing Password Security and Continuity

Blog

Next-Gen Infosec

How to Prevent Data Leakages

Next-Gen

Top Cloud Misconceptions that Could Damage Your Organization

Next-Gen

Improve Asset Visibility in OT Security With Hybrid AI-Cloud Approaches

Next-Gen