Penetration testing stories - Page 5

A zero-day flaw in Microsoft SharePoint servers puts over 9,000 systems at risk, with active exploits threatening critical data security globally.

Check Point Software Technologies has earned CREST accreditation for its penetration testing services, affirming its high standards in cybersecurity assurance.

A race condition vulnerability in nopCommerce gift cards lets attackers redeem the same card repeatedly, exploiting a flaw in the checkout process.

Zyxel Networks adopts CISA's Secure by Design Pledge, enhancing SMB networking security with MFA, unique passwords, and transparent vulnerability reporting worldwide.

LevelBlue's acquisition of Trustwave creates the world's largest pure-play managed security services provider, enhancing global cyber defence capabilities.

New research reveals 84% of fintechs lack robust API security, exposing sensitive payment data to significant cyber risks beyond regulated sectors.

LevelBlue will acquire Trustwave, creating the world's largest pure-play managed security services provider with enhanced global cybersecurity capabilities.

AI powers 80% of phishing attacks, causing USD $112 million in losses in India by May 2025, as cybercrime evolves with machine-generated deception.

Trustwave reveals a surge in AI-driven and ransomware attacks, with tech firms facing 85% of global ransomware incidents amid rising cyber threats.

A new report reveals a widening gap between AI innovation and enterprise security, with 36% of firms struggling to keep up with generative AI risks.

Over 80,000 Microsoft Entra ID accounts have been targeted in the UNK_SneakyStrike takeover campaign exploiting the TeamFiltration penetration testing tool.

LevelBlue will acquire Aon's Cybersecurity and IP consulting teams, including Stroz Friedberg, adding 300 experts and boosting global cyber defence services.

Audrey Adeline of SquareX warns the browser, where 80% of device time is spent, is the new cybersecurity battleground in an evolving threat landscape.

Cobalt updates its Offensive Security Platform to streamline pentesting with faster launches, real-time collaboration, clearer risk prioritisation, and workflow automation.

Retailers face a surge in cyber-attacks as weak defences and lapses in multi-factor authentication make them prime targets for criminals seeking valuable data.

Picus Security launches Exposure Validation, a tool using real-time attack simulations to identify which vulnerabilities are truly exploitable in organisations.

Kaspersky Endpoint Security has achieved 100% tamper protection in AV-Comparatives' April 2025 test, proving its unrivalled resilience on Windows 11 systems.

Pangea's study reveals significant security risks in AI deployment, with one in ten prompt injection attacks bypassing basic defences in corporate systems.

Over 50% of enterprises now use software-driven penetration testing as their primary method to identify IT vulnerabilities, reveals Pentera survey.

Bugcrowd joins AWS ISV Accelerate Program, enhancing global reach and co-selling to offer crowdsourced security services via AWS sales teams worldwide.