Infosecurity Magazine

Vulnerability Management News

Scroll down for the latest news and information covering vulnerability management.

Latest News and Features

Two Critical Flaws in n8n AI Workflow Automation Platform Allow Complete Takeover

News

SolarWinds Web Help Desk Vulnerability Actively Exploited

News

SQL Injection Flaw Affects 40,000 WordPress Sites

News

40,000 WordPress sites are vulnerable to SQL injection in Quiz and Survey Master plugin

DockerDash Exposes AI Supply Chain Weakness In Docker's Ask Gordon

News

Sophos CISO on Software Flaws, Vendor Risk and Secure by Design (video)

Interview

In this Infosecurity interview, we speak with Sophos CISO Ross McKerchar about one of the biggest topics dominating cybersecurity headlines today, software vulnerabilities

Notepad++ Update Hijacking Linked to Hosting Provider Compromise

News

Autonomous System Uncovers Long-Standing OpenSSL Flaws

News

Critical and High Severity n8n Sandbox Flaws Allow RCE

News

Researchers Uncover 454,000+ Malicious Open Source Packages

News

Pyodide Sandbox Escape Enables Remote Code Execution in Grist-Core

News

Critical sandbox escape vulnerability in Grist-Core enables remote code execution via a malicious formula

Webinars Coming Up

How To Enhance Security Operations with AI-Powered Defenses

White Papers

Gcore Radar: DDoS Attack Trends Q3 to Q4, 2023

White Paper

5 Ways to Strengthen Your Active Directory Password Policy

White Paper

SASE Security Buyers Guide

White Paper

On-Demand Webinars

  • How to Implement Attack Surface Management in the AI and Cloud Age
  • Navigating Exposures in Energy ICS Environments
  • How to Proactively Remediate Rising Web Application Threats
  • How to Optimize Third-Party Risk Management Programs Through NIST CSF 2.0
  • Experiencing a DDoS Simulation to Enhance Defenses
  • How Can the Boardroom Boost Cyber Resilience?

Podcasts

  • How 2025 Shaped the Future of Cybersecurity
  • Can AI Solve the Vulnerability Problem in Critical Infrastructure?
  • The Team are Joined by Cybersecurity Experts to Review 2022 and How to Prepare Information Security for 2023
  • Beth Maundrill is joined by Dr. Jason Nurse, Associate Professor in Cyber Security at the University of Kent.
  • Beth Maundrill and James Coker analyze Insider Threats as September is National Insider Threats Awareness Month.
  • Into Security Podcast - Episode 15

More news and features

Microsoft Releases Patch for Office Zero Day Amid Evidence of Exploitation

News

World Leaks Ransomware Group Claims 1.4TB Nike Data Breach

News

Critical Appsmith Flaw Enables Account Takeovers

News

RealHomes CRM Plugin Flaw Affected 30,000 WordPress Sites

News

Zero-Day Exploits Surge, Nearly 30% of Flaws Attacked Before Disclosure

News

VulnCheck analysts found that vulnerabilities exploited before being publicly disclosed rose from 23.6% in 2024 to 28.96% in 2025

Experts Welcome Global Cybersecurity Vulnerability Enumeration Launch

News

Chainlit Security Flaws Highlight Infrastructure Risks in AI Apps

News

Prompt Injection Bugs Found in Official Anthropic Git MCP Server

News

Three vulnerabilities in Anthropic's Git server for the MCP can be exploited via prompt injection

Global Agencies Release New Guidance to Secure Industrial Networks

News

CodeBuild Flaw Put AWS Console Supply Chain At Risk

News

A critical AWS CodeBuild misconfiguration has exposed core repositories to potential attack

Blogs

Five Single Sign-On Best Practices to Reduce Access Risk in 2026

Blog

Zero Trust and Active Directory: What Modern AD Audits Reveal

Blog

Next-Gen Infosec

How to Prevent Data Leakages

Next-Gen

Top Cloud Misconceptions that Could Damage Your Organization

Next-Gen

Improve Asset Visibility in OT Security With Hybrid AI-Cloud Approaches

Next-Gen