Infosecurity Magazine

Penetration Testing News

Scroll down for the latest penetration testing news and information.

Browse other Physical and Information Security Convergence topics

Latest News and Features

Multi-Turn Attacks Expose Weaknesses in Open-Weight LLM Models

News

A new Cisco report exposed large language models to multi-turn adversarial attacks with 90% success rates

Threat Actors Utilize AdaptixC2 for Malicious Payload Delivery

News

Flaw in Slider Revolution Plugin Exposed 4m WordPress Sites

News

Broadcom Issues Patches for VMware NSX and vCenter Security Flaws

News

Critical Vulnerability in Salesforce AgentForce Exposed

News

Critical flaw ForcedLeak in Salesforce's AgentForce allows CRM data theft via prompt injection

Critical CVEs in Chaos-Mesh Enable In-Cluster Code Execution

News

Chinese AI Villager Pen Testing Tool Hits 11,000 PyPI Downloads

News

AI-native Villager, which automates Kali and DeepSeek penetration tests, has reached 11,000 PyPI downloads fueling dual-use threat

Malicious VS Code Extensions Exploit Name Reuse Loophole

News

US and Five Global Partners Release First Unified OT Security Taxonomy

News

#BHUSA: 1000 DoD Contractors Now Covered by NSA’s Free Cyber Services Program

News

White Papers

State of Cybersecurity Report 2022

White Paper

Red Teaming: How to Identify Gaps in Your Security Strategy by Thinking Like the Enemy

White Paper

Pen Test Metrics 2018

White Paper

On-Demand Webinars

  • The Infosecurity Magazine End of Year Xmas Quiz (Feat. The Beer Farmers)
  • Reducing Industrial Cyber Risk Amid Digital Transformation
  • Life of: A Penetration Tester

Podcasts

  • Javvad Malik tells us about his journey from end-user to analyst to vendor & Burnout &mental health in the cybersecurity industry and more.

More news and features

Pwn2Own Offers $1m for Zero-Click WhatsApp Exploit

News

Critical Flaws in WordPress Plugin Leave 10,000 Sites Vulnerable

News

10,000 WordPress sites vulnerable to takeover due to critical flaws in HT Contact Form Widget plugin

Grok-4 Jailbroken Two Days After Release Using Combined Attack

News

Red Team Tool Developer Shellter Admits ‘Misuse’ by Adversaries

News

Why One-Off Pen Tests Could Be Leaving You at Risk

Blog

#Infosec2025: Ransomware Drill to Spotlight Water Utility Cyber Risks in ‘Operation 999’

News

Semperis will host an immersive ransomware simulation focused on water utilities during Infosecurity Europe 2025

UK Cyber Essentials Certification Numbers Falling Short

News

The Permanent Digital Pandemic and Resillion's Strategy for a Cyber-Resilient Future

Interview

New Report Highlights Common Passwords in RDP Attacks

News

Number of Unauthorized Cobalt Strike Copies Plummets 80%

News

Fortra claims the number of unauthorized Cobalt Strike licenses in the wild fell 80% over two years

Blogs

How to Fix OST File cannot be Opened Error

Blog

Elevating SaaS Security with NIST CSF and Agentic AI

Blog

Next-Gen Infosec

How to Prevent Data Leakages

Next-Gen

Top Cloud Misconceptions that Could Damage Your Organization

Next-Gen

Improve Asset Visibility in OT Security With Hybrid AI-Cloud Approaches

Next-Gen