Infosecurity Magazine

Vulnerability Management News

Scroll down for the latest news and information covering vulnerability management.

Latest News and Features

Critical PickleScan Vulnerabilities Expose AI Model Supply Chains

News

3 critical zero-day flaws in PickleScan, affecting Python and PyTorch, allowed undetected attacks

Google Releases Patches for Android Zero-Day Flaws Exploited in the Wild

News

Google said it found indications that two newly identified vulnerabilities affecting Android “may be under limited, targeted exploitation”

Malware Manipulates AI Detection in Latest npm Package Breach

News

FCC Warns of Hackers Hijacking Radio Equipment For False Alerts

News

UK Report Proposes Liability For Software Provider Insecurity

News

HashJack Indirect Prompt Injection Weaponizes Websites

News

Flaws Expose Risks in Fluent Bit Logging Agent

News

CISA Urges Patch of Actively Exploited Flaw in Oracle Identity Manager

News

The US cybersecurity agency has added the critical flaw to its Known Exploited Vulnerabilities list

GlobalLogic Becomes Latest Cl0p Victim After Oracle EBS Attack

News

Microsoft Fixes Windows Kernel Zero Day in November Patch Tuesday

News

White Papers

Gcore Radar: DDoS Attack Trends Q3 to Q4, 2023

White Paper

5 Ways to Strengthen Your Active Directory Password Policy

White Paper

SASE Security Buyers Guide

White Paper

On-Demand Webinars

  • How to Implement Attack Surface Management in the AI and Cloud Age
  • Navigating Exposures in Energy ICS Environments
  • How to Proactively Remediate Rising Web Application Threats
  • How to Optimize Third-Party Risk Management Programs Through NIST CSF 2.0
  • Experiencing a DDoS Simulation to Enhance Defenses
  • How Can the Boardroom Boost Cyber Resilience?
  • Mastering Software Supply Chain Security with Strategic Defense Mechanisms
  • Forward-Thinking Practices to Manage IT Risk
  • Vulnerability Management: Why a Risk-Based Approach is Essential
  • The Infosecurity Magazine End of Year Xmas Quiz (Feat. The Beer Farmers)

Podcasts

  • Can AI Solve the Vulnerability Problem in Critical Infrastructure?
  • The Team are Joined by Cybersecurity Experts to Review 2022 and How to Prepare Information Security for 2023
  • Beth Maundrill is joined by Dr. Jason Nurse, Associate Professor in Cyber Security at the University of Kent.
  • Beth Maundrill and James Coker analyze Insider Threats as September is National Insider Threats Awareness Month.
  • Into Security Podcast - Episode 15

More news and features

Qilin Ransomware Activity Surges as Attacks Target Small Businesses

News

CISA Adds Zero-Day Bug Used in Spyware Attacks to KEV

News

65% of Leading AI Companies Found With Verified Secrets Leaks

News

A new study has revealed 65% of top AI firms have leaked sensitive data on GitHub, risking $400bn in assets

Claude Desktop Extensions Vulnerable to Web-Based Prompt Injection

News

New GDI Flaws Could Enable Remote Code Execution in Windows

News

Critical Flaws Found in Elementor King Addons Affect 10,000 Sites

News

The King Addons for Elementor plugin contains two flaws allowing unauthenticated file uploads and privilege escalation

PHP Servers and IoT Devices Face Growing Cyber-Attack Risks

News

A rise in attacks on PHP servers, IoT devices and cloud gateways is linked to botnets exploiting flaws, according to new research published by Qualys

Open Source “b3” Benchmark to Boost LLM Security for Agents

News

Chrome Zero-Day Actively Exploited in Attacks by Mem3nt0 mori

News

Actively Exploited WSUS Bug Added to CISA KEV List

News

Blogs

Elevating SaaS Security with NIST CSF and Agentic AI

Blog

Preparing for the Quantum Future: Lessons from Singapore

Blog

Next-Gen Infosec

How to Prevent Data Leakages

Next-Gen

Top Cloud Misconceptions that Could Damage Your Organization

Next-Gen

Improve Asset Visibility in OT Security With Hybrid AI-Cloud Approaches

Next-Gen