Vulnerability Management News

Scroll down for the latest news and information covering vulnerability management.

Browse other Risk Management topics

Don’t miss out!

Subscribe to our weekly newsletter for the latest in industry news, expert insights, dedicated information security content and online events.

Silk Typhoon Shifts Tactics to Exploit Common IT Solutions

News5 Mar 2025

VMware Warns Customers to Patch Actively Exploited Zero-Day Vulnerabilities

News4 Mar 2025

CISA Urges Government to Patch Exploited Cisco, Microsoft Flaws

News4 Mar 2025

CISA has added five more CVEs into its known exploited vulnerabilities catalog

BYOVD Attacks Exploit Zero-Day in Paragon Partition Manager

News3 Mar 2025

Old Vulnerabilities Among the Most Widely Exploited

News28 Feb 2025

Four in ten flaws exploited by threat actors in 2024 were from 2020 or earlier, with some dating back to the 1990s, according to a GreyNoise report

Software Vulnerabilities Take Almost Nine Months to Patch

News27 Feb 2025

Veracode found a 47% increase in the average time taken to patch software vulnerabilities, driven by growing reliance on third-party code

99% of Organizations Report API-Related Security Issues

News26 Feb 2025

Only a Fifth of Ransomware Attacks Now Encrypt Data

News25 Feb 2025

Essential Addons for Elementor XSS Vulnerability Discovered

News24 Feb 2025

Malicious Ads Target Freelance Developers via GitHub

News20 Feb 2025

Don’t miss out!

Subscribe to our weekly newsletter for the latest in industry news, expert insights, dedicated information security content and online events.

Webinars coming up

How to Implement Attack Surface Management in the AI and Cloud Age

3 Apr 2025, 15:00 BST , 10:00 EDT

White papers

Gcore Radar: DDoS Attack Trends Q3 to Q4, 2023

White Paper20 Mar 2024

5 Ways to Strengthen Your Active Directory Password Policy

White Paper30 Oct 2023

SASE Security Buyers Guide

White Paper26 Jan 2023

On-demand webinars

Navigating Exposures in Energy ICS Environments
19 Dec 2024 Webinar
How to Proactively Remediate Rising Web Application Threats
30 May 2024 Webinar
How to Optimize Third-Party Risk Management Programs Through NIST CSF 2.0
16 May 2024 Webinar
Experiencing a DDoS Simulation to Enhance Defenses
2 May 2024 Webinar
How Can the Boardroom Boost Cyber Resilience?
29 Feb 2024 Webinar
Mastering Software Supply Chain Security with Strategic Defense Mechanisms
30 Nov 2023 Webinar
Forward-Thinking Practices to Manage IT Risk
12 Oct 2023 Webinar
Vulnerability Management: Why a Risk-Based Approach is Essential
28 Sep 2023 Webinar
The Infosecurity Magazine End of Year Xmas Quiz (Feat. The Beer Farmers)
15 Dec 2022 Webinar
Learn How to Reduce Business Costs with Ransomware Readiness
8 Dec 2022 Webinar

What’s hot on Infosecurity Magazine?

Attackers Leverage Microsoft Teams and Quick Assist for Access

News3 Mar 2025

CISA Denies Reports of Shift in Cybersecurity Posture Amid Russian Threats

News3 Mar 2025

North Korean Fake IT Workers Leverage GitHub to Build Jobseeker Personas

News4 Mar 2025

BYOVD Attacks Exploit Zero-Day in Paragon Partition Manager

News3 Mar 2025

Vodafone Trials Quantum-Safe Tech to Protect Smartphone Browsing

News3 Mar 2025

Chinese Cyber Espionage Jumps 150%, CrowdStrike Finds

News27 Feb 2025

DoD Contractor Pays $11.2M over False Cyber Certifications Claims

News21 Feb 2025

Chinese Cyber Espionage Jumps 150%, CrowdStrike Finds

News27 Feb 2025

Old Vulnerabilities Among the Most Widely Exploited

News28 Feb 2025

Signal May Exit Sweden If Government Imposes Encryption Backdoor

News26 Feb 2025

61% of Hackers Use New Exploit Code Within 48 Hours of Attack

News25 Feb 2025

CISA Denies Reports of Shift in Cybersecurity Posture Amid Russian Threats

News3 Mar 2025

Alert Fatigue: What Are You and Your Security Teams Missing?

Webinar5 Dec 2024

Auditing AI Risk: Essential Strategies for IT & Compliance Leaders

Webinar23 Jan 2025

Enhancing Software Supply Chain Management: A DORA-Focused Approach

Webinar30 Jan 2025

Dispelling the Myths of Defense-Grade Cybersecurity

Webinar4 Dec 2024

New Cyber Regulations: What it Means for UK and EU Businesses

Webinar10 Oct 2024

How to Optimize Third-Party Risk Management Programs Through NIST CSF 2.0

Webinar16 May 2024

Gatwick Airport's Cybersecurity Chief on Supply Chain Risks and CrowdStrike Outage

Interview21 Nov 2024

You're Hired! The Truth About Certifications in Cybersecurity Careers

News Feature2 Dec 2024

T-Mobile Claims Salt Typhoon Did Not Access Customer Data

News28 Nov 2024

Darknet Services Fuel Holiday Scams and E-Commerce Exploits

News26 Nov 2024

Top 10 Cyber-Attacks of 2024

News Feature2 Dec 2024

Google Deindexes Chinese Propaganda Network

News25 Nov 2024

Podcasts

The Team are Joined by Cybersecurity Experts to Review 2022 and How to Prepare Information Security for 2023
14 Dec 2022 Podcast
Beth Maundrill is joined by Dr. Jason Nurse, Associate Professor in Cyber Security at the University of Kent.
16 Nov 2022 Podcast
Beth Maundrill and James Coker analyze Insider Threats as September is National Insider Threats Awareness Month.
27 Sep 2022 Podcast
Into Security Podcast - Episode 15
29 May 2020 Podcast

Hackers Chain Exploits of Three Palo Alto Networks Firewall Flaws

News20 Feb 2025

Palo Alto Networks has observed exploit attempts chaining three vulnerabilities in its PAN-OS firewall appliances

CISA and FBI Warn of Global Threat from Ghost Ransomware

News20 Feb 2025

WordPress Plugin Vulnerability Exposes 90,000 Sites to Attack

News19 Feb 2025

OpenSSH Flaws Expose Systems to Critical Attacks

News18 Feb 2025

Palo Alto Networks and SonicWall Firewalls Under Attack

News17 Feb 2025

China-Linked Espionage Tools Used in Recent Ransomware Attack

News14 Feb 2025

CISA and FBI Warn Against Buffer Overflow Vulnerabilities

News13 Feb 2025

CHERI Security Hardware Program Essential to UK Security, Says Government

News12 Feb 2025

NCSC CTO Ollie Whitehouse discussed a UK government-backed project designed to secure underlying computer hardware, preventing most vulnerabilities from occurring

Microsoft Fixes Another Two Actively Exploited Zero-Days

News12 Feb 2025

Apple Mitigates “Extremely Sophisticated” Zero-Day Exploit

News11 Feb 2025

Apple has patched a zero-day vulnerability being exploited in targeted attacks

Events coming up

Infosecurity Europe 2025

Event3 – 5 Jun 2025

Next-gen infosec

How to Prevent Data Leakages

Next-Gen11 Aug 2023

Top Cloud Misconceptions that Could Damage Your Organization

Next-Gen4 Aug 2023

Improve Asset Visibility in OT Security With Hybrid AI-Cloud Approaches

Next-Gen21 Jul 2023