Application Security News and Articles
Significant cybersecurity M&A deals announced by Arctic Wolf, Bugcrowd, Huntress, Palo Alto Networks, and Zscaler.
The post Cybersecurity M&A Roundup: 30 Deals Announced in November 2025 appeared first on SecurityWeek.
Security and developer teams are scrambling to address a highly critical security flaw in frameworks tied to the popular React JavaScript library. Not only is the vulnerability, which also is in the Next.js framework, easy to exploit, but React ...
Established in 2024 by Cybereason co-founders Lior Div and Yonatan Striem-Amit, the company has raised a total of $166 million in funding.
The post Agentic Security Firm 7AI Raises $130 Million appeared first on SecurityWeek.
Hackers stole the names, addresses, Social Security numbers, and financial and medical information of 9,542 people.
The post Inotiv Says Personal Information Stolen in Ransomware Attack appeared first on SecurityWeek.
A malicious Rust crate (package) named evm-units, aimed at stealing cryptocurrency from unsuspecting developers, has been pulled from the official public package registry for the Rust programming language, but not before having been downloaded ...
SpecterOps and Tines announced a strategic partnership that brings native BloodHound integration to Tines, enabling customers to operationalize Attack Path Management through automated, AI-assisted workflows. This partnership combines ...
Zenity expanded its AI security platform with incident-correlation intelligence, broader agentic browser coverage, and a new open-source tool for testing emerging LLM manipulation techniques. As organizations adopt AI agents, AI assistants and ...
The state-sponsored hackers relied on phishing emails to deliver a malicious payload to Reporters Without Borders (RSF).
The post Reporters Without Borders Targeted by Russian Hackers appeared first on SecurityWeek.
Amazon Web Services (AWS) this week made an AWS Security Hub for analyzing cybersecurity data in near real time generally available, while at the same time extending the GuardDuty threat detection capabilities it provides to the Amazon Elastic ...
Austin, TX, USA, 4th December 2025, CyberNewsWire
The post SpyCloud Data Shows Corporate Users 3x More Likely to Be Targeted by Phishing Than by Malware appeared first on Security Boulevard.
Darktrace announced a series of enhancements to Darktrace / EMAIL designed to detect and stop attacks spanning communications channels, strengthen outbound email protections, and streamline SOC integrations. The new capabilities will help ...
Coro announced the latest release of its unified platform. Coro 3.7 introduces user interface enhancements designed to accelerate remediation and streamline security management for SMBs. Coro has further refined its Actionboard, equipping IT ...
The 25-page document outlines four principles for securely integrating AI with operational technology.
The post Global Cyber Agencies Issue AI Security Guidance for Critical Infrastructure OT appeared first on SecurityWeek.
A threat group dubbed ShadyPanda exploited traditional extension processes in browser marketplaces by uploading legitimate extensions and then quietly weaponization them with malicious updates, infecting 4.3 million Chrome and Edge users with RCE ...
A critical vulnerability (CVE-2025-55182) in React Server Components (RSC) may allow unauthenticated attackers to achieve remote code exection on the application server, the React development team warned on Wednesday. The maximum-severity ...
Freedom Mobile says hackers stole customers’ personal information from its account management platform.
The post Personal Information Compromised in Freedom Mobile Data Breach appeared first on SecurityWeek.
The compromised personal and financial information includes names, addresses, Social Security numbers, and card numbers.
The post Marquis Data Breach Impacts Over 780,000 People appeared first on SecurityWeek.
A researcher has pointed out that only instances using a newer feature are impacted by CVE-2025-55182.
The post React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability appeared first on SecurityWeek.
AI browsers introduce reasoning-based risks. Learn how cross-origin AI agents dismantle web security and what defenses are needed.
The post Convenience or Catastrophe? The Dangers of AI Browsers No One is Talking About appeared first on ...
Incode has launched Deepsight, an AI defense tool that detects and blocks deepfakes, injected virtual cameras, and synthetic identity attacks. As AI systems increasingly interact and transact autonomously, the ability to instantaneously separate ...