Application Security News and Articles
Can Agentic AI Revolutionize Cybersecurity Practices? Where digital threats consistently challenge organizations, how can cybersecurity teams leverage innovations to bolster their defenses? Enter the concept of Agentic AI—a technology that ...
How Are Non-Human Identities Revolutionizing Cybersecurity? Have you ever considered the pivotal role that Non-Human Identities (NHIs) play in cyber defense frameworks? When businesses increasingly shift operations to the cloud, safeguarding ...
Session 5C: Federated Learning 1
Authors, Creators & Presenters: Phillip Rieger (Technical University of Darmstadt), Alessandro Pegoraro (Technical University of Darmstadt), Kavita Kumari (Technical University of Darmstadt), Tigist Abera ...
AttackIQ has issued recommendations in response to the Cybersecurity Advisory (CSA) released by the Cybersecurity and Infrastructure Security Agency (CISA) on December 9, 2025, which details the ongoing targeting of critical infrastructure by ...
The U.S. National Institute of Standards and Technology (NIST) is building a taxonomy of attack and mitigations for securing artificial intelligence (AI) agents. Speaking at the AI Summit New York conference, Apostol Vassilev, a research team ...
via the comic artistry and dry wit of Randall Munroe, creator of XKCD
Permalink
The post Randall Munroe’s XKCD ‘Beam Dump’ appeared first on Security Boulevard.
AI is transforming enterprise productivity and reshaping the threat model at the same time. Unlike human users, agentic AI and autonomous agents operate at machine speed and inherit broad network permissions and embedded credentials. This creates ...
In December 2025, a ransomware attack on Marquis Software Solutions, a data analytics and marketing vendor serving the financial sector, compromised sensitive customer information held by multiple banks and credit unions, according to ...
Session 5C: Federated Learning 1
Authors, Creators & Presenters: Xiaochen Zhu (National University of Singapore & Massachusetts Institute of Technology), Xinjian Luo (National University of Singapore & Mohamed bin Zayed University of ...
Over the past decade, overall funding in Israeli cybersecurity companies has increased by more than 500%, according to YL Ventures.
The post Israeli Cybersecurity Funding Hits $4.4 Billion Record High appeared first on SecurityWeek.
The cybersecurity world loves a simple solution to a complex problem, and Gartner delivered exactly that with its recent advisory: “Block all AI browsers for the foreseeable future.” The esteemed analyst firm warns that agentic ...
Join to access sessions aimed at educating, inspiring, and provoking new ways of thinking about the hype and promise surrounding AI-powered enterprise security solutions and the threats posed by adversarial use of AI.
The post Virtual Event ...
Victoria Dubranova faces over 25 years in prison for links to Russia-backed CARR and NoName hacktivist groups.
The post US Indicts Extradited Ukrainian on Charges of Aiding Russian Hacking Groups appeared first on SecurityWeek.
GeminiJack is a zero-click Gemini attack that could have been exploited using specially crafted emails, calendar invites, or documents.
The post Google Patches Gemini Enterprise Vulnerability Exposing Corporate Data appeared first on SecurityWeek.
OWASP unveils its GenAI Top 10 threats for agentic AI, plus new security and governance guides, risk maps, and a FinBot CTF tool to help organizations secure emerging AI agents.
The post OWASP Project Publishes List of Top Ten AI Agent Threats ...
The two security defects impact FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager with FortiCloud SSO login authentication enabled.
The post Fortinet Patches Critical Authentication Bypass Vulnerabilities appeared first on SecurityWeek.
The XSS vulnerability could allow remote attackers to execute arbitrary JavaScript code with administrator privileges.
The post Ivanti EPM Update Patches Critical Remote Code Execution Flaw appeared first on SecurityWeek.
Affecting Solution Manager, Commerce Cloud, and jConnect SDK, the bugs could lead to code injection and remote code execution.
The post SAP Patches Critical Vulnerabilities With December 2025 Security Updates appeared first on SecurityWeek.
Backslash Security announced the launch of its end-to-end solution for the secure use of Model Context Protocol (MCP) servers across software development environments. As organizations increasingly adopt AI-native coding agents and integrated ...
Dozens of vulnerabilities have been patched by the industrial giants across their products.
The post ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Rockwell, Schneider appeared first on SecurityWeek.
