Infosecurity Magazine

Risk and Vulnerability Assessment News

Scroll down for the latest risk and vulnerability assessment news and information.

Latest News and Features

Two Critical Flaws in n8n AI Workflow Automation Platform Allow Complete Takeover

News

Sophos CISO on Software Flaws, Vendor Risk and Secure by Design (video)

Interview

In this Infosecurity interview, we speak with Sophos CISO Ross McKerchar about one of the biggest topics dominating cybersecurity headlines today, software vulnerabilities

Precision Becomes the New Playbook for Software Supply Chain Attacks

Opinion

Adversaries are adopting a more precise approach to supply chain compromise. Organizations need to rethink what “secure software” really means.

Microsoft Releases Patch for Office Zero Day Amid Evidence of Exploitation

News

Zero-Day Exploits Surge, Nearly 30% of Flaws Attacked Before Disclosure

News

Personal LLM Accounts Drive Shadow AI Data Leak Risks

News

NIST, MITRE Partner on $20m AI Centers For Manufacturing and Cybersecurity

News

NIST and MITRE are collaboratively launching two centers to advance AI security for US manufacturing and critical infrastructure

Top 10 Cyber-Attacks of 2025

News Feature

Top 25 Most Dangerous Software Weaknesses of 2025 Revealed

News

Google Releases Critical Chrome Security Update to Address Three Zero-Days

News

Webinars Coming Up

How To Enhance Security Operations with AI-Powered Defenses

White Papers

Gcore Radar: DDoS Attack Trends Q3 to Q4, 2023

White Paper

Steps to Get Ahead of Insider Threats

White Paper

Financial Sector Quarterly Threat Landscape

White Paper

On-Demand Webinars

  • OT Security Ecosystem for Targeted Risk Reduction and Reporting
  • How to Implement Attack Surface Management in the AI and Cloud Age
  • Auditing AI Risk: Essential Strategies for IT & Compliance Leaders
  • Navigating Exposures in Energy ICS Environments
  • How to Proactively Remediate Rising Web Application Threats
  • How to Optimize Third-Party Risk Management Programs Through NIST CSF 2.0
  • Experiencing a DDoS Simulation to Enhance Defenses
  • How Can the Boardroom Boost Cyber Resilience?

Podcasts

  • How 2025 Shaped the Future of Cybersecurity
  • Can AI Solve the Vulnerability Problem in Critical Infrastructure?
  • Into Security Podcast - Episode 15

More news and features

Google Fixes Zero Click Gemini Enterprise Flaw That Exposed Corporate Data

News

Google Releases Patches for Android Zero-Day Flaws Exploited in the Wild

News

Google said it found indications that two newly identified vulnerabilities affecting Android “may be under limited, targeted exploitation”

CISA Urges Patch of Actively Exploited Flaw in Oracle Identity Manager

News

Claude Desktop Extensions Vulnerable to Web-Based Prompt Injection

News

Major Vulnerabilities Found in TP-Link VPN Routers

News

The CISO's Crucible – Finding Strength in Control

Opinion

Google: Clop Accessed “Significant Amount” of Data in Oracle EBS Exploit

News

GTIG highlighted indicators that Clop is behind the extortion campaign targeting Oracle EBS instances, with its activity likely beginning as early as August 9

Pro-Russia Hacktivists “Claim” Attack on Water Utility Honeypot

News

Forescout said that the TwoNet actor was lured into attacking a honeypot disguised as a water treatment utility, providing insights into the group’s tactics

Hackers Target Unpatched Flaws in Oracle E-Business Suite

News

Broadcom Issues Patches for VMware NSX and vCenter Security Flaws

News

Blogs

Five Single Sign-On Best Practices to Reduce Access Risk in 2026

Blog

Zero Trust and Active Directory: What Modern AD Audits Reveal

Blog

Next-Gen Infosec

How to Prevent Data Leakages

Next-Gen

Top Cloud Misconceptions that Could Damage Your Organization

Next-Gen

Improve Asset Visibility in OT Security With Hybrid AI-Cloud Approaches

Next-Gen