Infosecurity Magazine

Vulnerability Management News

Scroll down for the latest news and information covering vulnerability management.

Latest News and Features

Critical Appsmith Flaw Enables Account Takeovers

News

Critical vulnerability in Appsmith allows account takeover via flawed password reset process

RealHomes CRM Plugin Flaw Affected 30,000 WordPress Sites

News

Security flaw in RealHomes CRM plugin allowed file uploads; patches released for 30,000+ sites

Zero-Day Exploits Surge, Nearly 30% of Flaws Attacked Before Disclosure

News

Experts Welcome Global Cybersecurity Vulnerability Enumeration Launch

News

Chainlit Security Flaws Highlight Infrastructure Risks in AI Apps

News

Prompt Injection Bugs Found in Official Anthropic Git MCP Server

News

Three vulnerabilities in Anthropic's Git server for the MCP can be exploited via prompt injection

Global Agencies Release New Guidance to Secure Industrial Networks

News

CodeBuild Flaw Put AWS Console Supply Chain At Risk

News

Microsoft Fixes Three Zero-Days on Busy Patch Tuesday

News

CISA Flags Actively Exploited Gogs Vulnerability With No Patch

News

Webinars Coming Up

How To Enhance Security Operations with AI-Powered Defenses

White Papers

Gcore Radar: DDoS Attack Trends Q3 to Q4, 2023

White Paper

5 Ways to Strengthen Your Active Directory Password Policy

White Paper

SASE Security Buyers Guide

White Paper

On-Demand Webinars

  • How to Implement Attack Surface Management in the AI and Cloud Age
  • Navigating Exposures in Energy ICS Environments
  • How to Proactively Remediate Rising Web Application Threats
  • How to Optimize Third-Party Risk Management Programs Through NIST CSF 2.0
  • Experiencing a DDoS Simulation to Enhance Defenses
  • How Can the Boardroom Boost Cyber Resilience?

Podcasts

  • How 2025 Shaped the Future of Cybersecurity
  • Can AI Solve the Vulnerability Problem in Critical Infrastructure?
  • The Team are Joined by Cybersecurity Experts to Review 2022 and How to Prepare Information Security for 2023
  • Beth Maundrill is joined by Dr. Jason Nurse, Associate Professor in Cyber Security at the University of Kent.
  • Beth Maundrill and James Coker analyze Insider Threats as September is National Insider Threats Awareness Month.
  • Into Security Podcast - Episode 15

More news and features

CISA Closes Ten Emergency Directives After Federal Cyber Reviews

News

US agency CISA has retired ten Emergency Directives issued between 2019 and 2024, marking a new step in managing federal cyber-risk

New Zero-Click Attack Lets ChatGPT User Steal Data

News

Maximum Severity “Ni8mare” Bug Lets Hackers Hijack n8n Servers

News

High-Severity Flaw in Open WebUI Affects AI Connections

News

NIST, MITRE Partner on $20m AI Centers For Manufacturing and Cybersecurity

News

Clop Ransomware Group Linked to 3.5m University of Phoenix Breach

News

A University of Phoenix data breach affecting nearly 3.5 million individuals has been claimed by the Clop ransomware collective

Motors WordPress Vulnerability Exposes Sites to Takeover

News

A critical flaw in the Motors WordPress theme affecting more than 20,000 installations allows low-privileged users to gain full control of websites

New “Lies-in-the-Loop” Attack Undermines AI Safety Dialogs

News

JumpCloud Windows Agent Flaw Enables Local Privilege Escalation

News

Top 10 Cyber-Attacks of 2025

News Feature

Blogs

Zero Trust and Active Directory: What Modern AD Audits Reveal

Blog

How to Recover Corrupt MDF File from SQL Server

Blog

Next-Gen Infosec

How to Prevent Data Leakages

Next-Gen

Top Cloud Misconceptions that Could Damage Your Organization

Next-Gen

Improve Asset Visibility in OT Security With Hybrid AI-Cloud Approaches

Next-Gen