Vulnerability Management News

Scroll down for the latest news and information covering vulnerability management.

Browse other Risk Management topics

Don’t miss out!

Subscribe to our weekly newsletter for the latest in industry news, expert insights, dedicated information security content and online events.

NTLM Hash Exploit Targets Poland and Romania Days After Patch

News17 Apr 2025

Senators Urge Cyber-Threat Sharing Law Extension Before Deadline

News17 Apr 2025

Bipartisan support grows in Congress to extend Cybersecurity Information Sharing Act for 10 years

CISA Throws Lifeline to CVE Program with Last-Minute Contract Extension

News17 Apr 2025

Network Edge Devices the Biggest Entry Point for Attacks on SMBs

News17 Apr 2025

Hertz Data Breach Exposes Customer Information in Cleo Zero-Day Attack

News16 Apr 2025

Hertz has confirmed a data breach exposing customer data after a zero-day attack targeting file transfer software from Cleo Communications

92% of Mobile Apps Found to Use Insecure Cryptographic Methods

News16 Apr 2025

Chaos Reigns as MITRE Set to Cease CVE and CWE Operations

News16 Apr 2025

Security community reacts with shock at US government’s decision not to renew MITRE contract for CVE database

Organizations Found to Address Only 21% of GenAI-Related Vulnerabilities

News15 Apr 2025

Major WordPress Plugin Flaw Exploited in Under 4 Hours

News14 Apr 2025

NVD Revamps Operations as Vulnerability Reporting Surges

News11 Apr 2025

Don’t miss out!

Subscribe to our weekly newsletter for the latest in industry news, expert insights, dedicated information security content and online events.

White papers

Gcore Radar: DDoS Attack Trends Q3 to Q4, 2023

White Paper20 Mar 2024

5 Ways to Strengthen Your Active Directory Password Policy

White Paper30 Oct 2023

SASE Security Buyers Guide

White Paper26 Jan 2023

On-demand webinars

How to Implement Attack Surface Management in the AI and Cloud Age
3 Apr 2025 Webinar
Navigating Exposures in Energy ICS Environments
19 Dec 2024 Webinar
How to Proactively Remediate Rising Web Application Threats
30 May 2024 Webinar
How to Optimize Third-Party Risk Management Programs Through NIST CSF 2.0
16 May 2024 Webinar
Experiencing a DDoS Simulation to Enhance Defenses
2 May 2024 Webinar
How Can the Boardroom Boost Cyber Resilience?
29 Feb 2024 Webinar
Mastering Software Supply Chain Security with Strategic Defense Mechanisms
30 Nov 2023 Webinar
Forward-Thinking Practices to Manage IT Risk
12 Oct 2023 Webinar
Vulnerability Management: Why a Risk-Based Approach is Essential
28 Sep 2023 Webinar
The Infosecurity Magazine End of Year Xmas Quiz (Feat. The Beer Farmers)
15 Dec 2022 Webinar

What’s hot on Infosecurity Magazine?

Microsoft Thwarts $4bn in Fraud Attempts

News17 Apr 2025

AI Hallucinations Create “Slopsquatting” Supply Chain Threat

News14 Apr 2025

Bot Traffic Overtakes Human Activity as Threat Actors Turn to AI

News15 Apr 2025

Digital Certificate Lifespans to Fall to 47 Days by 2029

News14 Apr 2025

Scalper Bots Fueling DVSA Driving Test Black Market

News16 Apr 2025

LabHost Phishing Mastermind Sentenced to 8.5 Years

News15 Apr 2025

Chaos Reigns as MITRE Set to Cease CVE and CWE Operations

News16 Apr 2025

Trump Administration Shakes Up CISA with Staff and Funding Cuts

News12 Mar 2025

Google Cloud: China Achieves “Cyber Superpower” Status

News10 Apr 2025

NVD Revamps Operations as Vulnerability Reporting Surges

News11 Apr 2025

Digital Certificate Lifespans to Fall to 47 Days by 2029

News14 Apr 2025

NCSC Warns of Spyware Targeting Chinese and Taiwanese Diaspora

News9 Apr 2025

The Evolving Ransomware Landscape: A 2025 Survival Guide

Webinar15 Apr 2025

Safeguarding Critical Supply Chain Data Through Effective Risk Assessment

Webinar10 Apr 2025

Proactive Incident Response and Recovery: Navigating Ransomware Attacks

Webinar15 Apr 2025

Fireside Chat: How Initial Access Brokers Fuel the Ransomware-as-a-Service Model

Webinar15 Apr 2025

Ransomware Negotiations: Mastering an Attacker’s Mindset and Minimizing Leverage

Webinar15 Apr 2025

How to Update Your PAM Strategy to Protect Hybrid Cloud Infrastructures

Webinar27 Mar 2025

Gatwick Airport's Cybersecurity Chief on Supply Chain Risks and CrowdStrike Outage

Interview21 Nov 2024

You're Hired! The Truth About Certifications in Cybersecurity Careers

News Feature2 Dec 2024

T-Mobile Claims Salt Typhoon Did Not Access Customer Data

News28 Nov 2024

Darknet Services Fuel Holiday Scams and E-Commerce Exploits

News26 Nov 2024

Top 10 Cyber-Attacks of 2024

News Feature2 Dec 2024

Google Deindexes Chinese Propaganda Network

News25 Nov 2024

Podcasts

The Team are Joined by Cybersecurity Experts to Review 2022 and How to Prepare Information Security for 2023
14 Dec 2022 Podcast
Beth Maundrill is joined by Dr. Jason Nurse, Associate Professor in Cyber Security at the University of Kent.
16 Nov 2022 Podcast
Beth Maundrill and James Coker analyze Insider Threats as September is National Insider Threats Awareness Month.
27 Sep 2022 Podcast
Into Security Podcast - Episode 15
29 May 2020 Podcast

Over 40% of UK Businesses Faced Cybersecurity Breaches in 2024

News10 Apr 2025

WK Kellogg Confirms Data Breach Tied to Cleo Software Exploit

News9 Apr 2025

WK Kellogg breach exposed employee data after attackers exploited flaws in Cleo software

Microsoft Fixes Over 130 CVEs in April Patch Tuesday

News9 Apr 2025

Google Releases April Android Update to Address Two Zero-Days

News8 Apr 2025

NIST Defers Pre-2018 CVEs to Tackle Growing Vulnerability Backlog

News8 Apr 2025

CISA Warns of CrushFTP Vulnerability Exploitation in the Wild

News8 Apr 2025

Chinese State Hackers Exploiting Newly Disclosed Ivanti Flaw

News4 Apr 2025

Mandiant warned that Chinese espionage actor UNC5221 is actively exploiting a critical Ivanti vulnerability, which can lead to remote code execution

CrushFTP Vulnerability Exploited Following Disclosure Issues

News3 Apr 2025

WP Ultimate CSV Importer Flaws Expose 20,000 Websites to Attacks

News1 Apr 2025

New Malware Variant RESURGE Exploits Ivanti Vulnerability

News31 Mar 2025

CISA recommends immediate action to address malware variant RESURGE exploiting Ivanti vulnerability CVE-2025-0282

Events coming up

Infosecurity Europe 2025

Event3 – 5 Jun 2025

Next-gen infosec

How to Prevent Data Leakages

Next-Gen11 Aug 2023

Top Cloud Misconceptions that Could Damage Your Organization

Next-Gen4 Aug 2023

Improve Asset Visibility in OT Security With Hybrid AI-Cloud Approaches

Next-Gen21 Jul 2023