Application Security News and Articles


Exposure management is the answer to: “Am I working on the right things?”

In this Help Net Security interview, Dan DeCloss, Founder and CTO at PlexTrac, discusses the role of exposure management in cybersecurity and how it helps organizations gain visibility into their attack surface to improve risk assessment and ...

Cyberattacks are changing the game for major sports events

Sports fans and cybercriminals both look forward to major sporting events, but for very different reasons. Fake ticket sites, stolen login details, and DDoS attacks are common ways criminals try to make money or disrupt an event. Why are sports ...

Can your security stack handle AI that thinks for itself?

In this Help Net Security video, Art Poghosyan, CEO at Britive, explores the rise of agentic AI and its impact on identity security. As autonomous AI agents begin to think, act, and interact more like humans, traditional identity and access ...

CISOs urged to fix API risk before regulation forces their hand

Most organizations are exposing sensitive data through APIs without security controls in place, and they may not even realize it, according to Raidiam. Their report, API Security at a Turning Point, draws on a detailed assessment of 68 ...

Cybersecurity jobs available right now: July 8, 2025

Analyst III-Threat Intel Verizon Data Services | India | Hybrid – View job details As an Analyst III-Threat Intel, you will deploy security tools, analyze logs and endpoints, and assess threats across Verizon’s enterprise and ...

Grafana Patches Chromium Bugs, Including Zero-Day Exploited in the Wild

CVE-2025-6554 and three other Chromium vulnerabilities could allow attackers to execute code and corrupt memory remotely. The post Grafana Patches Chromium Bugs, Including Zero-Day Exploited in the Wild appeared first on SecurityWeek.

Shadow AI Is Exploding, Governance Needs to Catch Up

Generative AI (GenAI) is already deeply embedded in enterprises, whether managers realize it or not. Sales teams use it to craft emails, engineers run agents that generate and test code, and marketers rely on it for copywriting and campaign ...

Survey Surfaces Myriad Small Business Security Challenges

A survey of 1,000 executives of organizations that generate less than $100 million in revenue finds 59% believe the right amount of budget is being allocated to cybersecurity, with 64% noting they also believe their organization is too small to ...

Hunters International Shuts Down, Offers Free Decryptors as It Morphs Into World Leaks

The notorious Hive successor ceases ransomware operations but pivots to pure data extortion under the new World Leaks brand. The post Hunters International Shuts Down, Offers Free Decryptors as It Morphs Into World Leaks appeared first on ...

Ingram Micro Scrambling to Restore Systems After Ransomware Attack

The IT products and services giant did not say how the intrusion occurred or whether any data was stolen from its systems. The post Ingram Micro Scrambling to Restore Systems After Ransomware Attack appeared first on SecurityWeek.

16 Billion Exposed Records Offer Blueprint for Mass Exploitation 

If the analysis by researchers at CyberNews is on point, then a massive breach, involving 16 billion records previously slipped under the radar and represents the largest of its kind so far.  The post 16 Billion Exposed Records Offer Blueprint ...

July 2025 Patch Tuesday forecast: Take a break from the grind

There was a barrage of updates released the week of June 2025 Patch Tuesday. This included security updates from Adobe, Google, Microsoft, Mozilla, and others. But it has been ‘calm’ the past couple of weeks. The news and message boards were ...

AI built it, but can you trust it?

In this Help Net Security interview, John Morello, CTO at Minimus, discusses the security risks in AI-driven development, where many dependencies are pulled in quickly. He explains why it’s hard to secure software stacks that no one fully ...

Aegis Authenticator: Free, open-source 2FA app for Android

Aegis Authenticator is an open-source 2FA app for Android that helps you manage login codes for your online accounts. The app features strong encryption and the ability to back up your data. It supports both HOTP and TOTP, so it works with ...

Review: Attack Surface Management

Attack Surface Management (ASM) has become one of those buzzwords that gets used a lot but rarely explained in detail. The authors of this book offer a practical guide that aims to change that. About the authors Ron Eddings is the Executive ...

New technique detects tampering or forgery of a PDF document

Researchers from the University of Pretoria presented a new technique for detecting tampering in PDF documents by analyzing the file’s page objects. The technique employs a prototype that can detect changes to a PDF document, such as changes ...

Cloud security maintains its position as top spending priority

While most enterprises have integrated cloud resources into their operations, many need to improve their ability to secure these environments and the data they contain, according to Thales. Cloud security challenges go beyond technology The ...

Aeza Group Latest BPH Service Provider Sanctioned by U.S. Treasury

Five months after sanction Zservers, the U.S. Treasury Department targeted Aeza Group, another Russia-based bulletproof hosting services provider for allowing threat actors to host ransomware and other campaigns on its infrastructure, which is ...

Week in review: Sudo local privilege escalation flaws fixed, Google patches actively exploited Chrome

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463) If you haven’t recently updated the Sudo utility on ...

Police in Brazil Arrest a Suspect Over $100M Banking Hack

Officials identified the suspect as João Roque, a C&M employee who worked in information technology and allegedly helped others gain unauthorized access to PIX systems. The post Police in Brazil Arrest a Suspect Over $100M Banking Hack ...