Application Security News and Articles


Check Point Allies with NVIDIA to Secure AI Platforms

Check Point Software Technologies Ltd. today revealed it has developed a cybersecurity platform to secure artificial intelligence (AI) factories in collaboration with NVIDIA. Announced at the NVIDIA GTC conference, the AI Cloud Protect platform ...

Stragglers From Myanmar Scam Center Raided by Army Cross Into Thailand as Buildings are Blown Up

Witnesses on the Thai side of the border reported hearing explosions and seeing smoke coming from the center over the past several nights starting on Friday. The post Stragglers From Myanmar Scam Center Raided by Army Cross Into Thailand as ...

PoC code drops for remotely exploitable BIND 9 DNS flaw (CVE-2025-40778)

A high-severity vulnerability (CVE-2025-40778) affecting BIND 9 DNS resolvers could be leveraged by remote, unauthenticated attackers to manipulate DNS entries via cache poisoning, allowing them to redirect Internet traffic to potentially ...

Agentic Commerce Is Here. Is Your Business Ready to Accept AI-Driven Transactions?

Agentic commerce is here. See how AI-driven checkout reshapes fraud, attribution, and upsell motions, and how DataDome secures MCP, APIs, and helps you monetize trusted AI traffic. The post Agentic Commerce Is Here. Is Your Business Ready to ...

Securing the Mission: Why Container Deployment Scanning Is Essential for the DoD

As DoD agencies accelerate cloud-native adoption under DOGE efficiency mandates, securing containerized workloads is essential to mission assurance. Learn why deployment-time scanning and admission controller enforcement are critical to reduce ...

NDSS 2025 – CHAOS: Exploiting Station Time Synchronization in 802.11 Networks

Session 1A: WiFi and Bluetooth Security Authors, Creators & Presenters: Sirus Shahini (University of Utah), Robert Ricci (University of Utah) PAPER CHAOS: Exploiting Station Time Synchronization in 802.11 Networks Many locations, especially ...

Censys delivers internet intelligence to accelerate SOC triage and response

Censys announced a new offering designed to help SOC teams accelerate alert triage, reduce mean time to triage (MTTT), and accelerate incident response. The offering delivers near real-time and historical visibility into all internet-facing ...

QNAP NetBak PC Agent Affected by Recent ASP.NET Core Vulnerability

The critical-severity flaw allows attackers to smuggle HTTP requests and access sensitive data, modify server files, or cause DoS conditions. The post QNAP NetBak PC Agent Affected by Recent ASP.NET Core Vulnerability appeared first on SecurityWeek.

Critical Microsoft WSUS Security Flaw is Being Actively Exploited

A critical security flaw in Microsoft's WSUS feature is being actively exploited in the wild by threat actors who could gain access into unpatched servers, remotely control networks, and use them to deliver malware or do other damage. Microsoft ...

Cobalt transforms ad-hoc security testing into a continuous, managed program

Cobalt has undergone a large-scale expansion of its Cobalt Offensive Security Platform to transform offensive security from ad-hoc tests into a continuous, centrally managed program. The human led, AI-powered platform provides the visibility, ...

SimSpace Raises $39 Million for Cyber Range Platform

SimSpace provides realistic cyber ranges where organizations can test attack preparedness and validate defenses. The post SimSpace Raises $39 Million for Cyber Range Platform appeared first on SecurityWeek.

Nozomi Networks enhances OT security with latest Arc release

Nozomi Networks announced a cybersecurity solution designed to safely automate threat response in operational environments. With the latest release of Nozomi Arc, users gain automated threat prevention capabilities for OT endpoints. First ...

Palo Alto Networks Extends Scope and Reach of AI Capabilities

Palo Alto Networks unveils Prisma AIRS 2.0 and Cortex AgentiX to secure AI applications and automate cybersecurity workflows. With new AI-driven protection, no-code agent building, and integrated threat detection, the company aims to simplify and ...

TurboMirai-Class ‘Aisuru’ Botnet Blamed for 20+ Tbps DDoS Attacks

A new class of Mirai-based DDoS botnets have been launching massive attacks, but their inability to spoof traffic enables device remediation. The post TurboMirai-Class ‘Aisuru’ Botnet Blamed for 20+ Tbps DDoS Attacks appeared first on ...

Italian-made spyware Dante linked to Chrome zero-day exploitation campaign

CVE-2025-2783, a Chrome zero-day vulnerability that was detected being exploited in March 2025 and was subsequently fixed by Google, was used by unknown attackers to deliver LeetAgent, suspected commercial spyware. An analysis of the ...

AI Visibility: The Key to Responsible Governance | Kovrr

Articles related to cyber risk quantification, cyber risk management, and cyber resilience. The post AI Visibility: The Key to Responsible Governance | Kovrr appeared first on Security Boulevard.

Sublime Security Raises $150 Million for Email Security Platform

Sublime Security’s Series C funding round brings the total raised by the company to more than $240 million. The post Sublime Security Raises $150 Million for Email Security Platform appeared first on SecurityWeek.

Preventing training data leakage in AI systems

Training data leakage can significantly undermine the validity of AI models. It can also pose a critical privacy risk. Read on to understand two divergent definitions of a key term in AI model training. The post Preventing training data leakage ...

IRISSCON 2025 to address the human impact on cybersecurity

Recent high-profile cybersecurity breaches affecting global brands share a common link: the human factor. Expert speakers will cover this subject in depth at IRISSCON 2025, which takes place at Dublin’s Aviva Stadium on Wednesday November ...

DAST vs AI Code: Why Dynamic Application Security Testing Can’t Keep Pace

DAST vs AI Code: TL;DR Traditional DAST requires 8+ hours for comprehensive scanning while AI-generated code deploys 10 times daily. This speed mismatch creates a fundamental security gap: most organizations run DAST weekly, leaving 70+ ...