Application Security News and Articles


The First Malicious MCP Server is a Warning Shot for AI Cybersecurity

  The first malicious Model Context Protocol (MCP) server has been discovered and we should all be worried how this is foreshadowing AI cybersecurity risks! Cybersecurity researchers at Koi Security detected malicious code within an MCP server ...

Exposure Management Beyond The Endpoint

Relying on an endpoint-centric approach to exposure management can leave you with blind spots that increase risk. You need to see your environment like an attacker does. Key takeaways: Long remediation cycles and difficulty prioritizing risk ...

AI Takes Center Stage at DataTribe’s Cyber Innovation Day

From defending AI agents to teaching robots to move safely, finalists at this year’s DataTribe Challenge are charting the next frontier in cybersecurity innovation. The post AI Takes Center Stage at DataTribe’s Cyber Innovation Day appeared ...

Will AI-SPM Become the Standard Security Layer for Safe AI Adoption?

How security posture management for AI can protect against model poisoning, excessive agency, jailbreaking and other LLM risks. The post Will AI-SPM Become the Standard Security Layer for Safe AI Adoption? appeared first on SecurityWeek.

Modernizing Federal DevSecOps for CMMC and Beyond

The Cybersecurity Maturity Model Certification (CMMC) 2.0 marks a clear shift from box-checking to modernization. Compliance is, of course, important. However, this evolution highlights the need to revise our approach to how software is ...

Virtual Event Today: Zero Trust & Identity Strategies Summit

Join the virtual event we dive into the world of digital identity management and the role of zero-trust principles and associated technologies. The post Virtual Event Today: Zero Trust & Identity Strategies Summit appeared first on SecurityWeek.

Varonis Interceptor stops AI-evasive email attacks

Varonis Systems announced the availability of Varonis Interceptor, a new approach to email security that uses multi-layered AI to detect and block social engineering attacks, even when they originate from trusted or compromised sources. Attackers ...

Google DeepMind’s New AI Agent Finds and Fixes Vulnerabilities 

The new product is called CodeMender and it can rewrite vulnerable code to prevent future exploits.  The post Google DeepMind’s New AI Agent Finds and Fixes Vulnerabilities  appeared first on SecurityWeek.

Researchers uncover ClickFix-themed phishing kit

Palo Alto Networks researchers have discovered and analyzed “IUAM ClickFix Generator”, a phishing kit that allows less skilled attackers to infect unsuspecting users with malware by using the increasingly popular ClickFix social ...

We Raised $15M to Build the Future of Security Data

We’re excited to share that Realm Security has raised a $15M Series A, just 12 months after our $5M seed round. We wouldn’t be here without our customers, our team, and our partners. Thank you for believing in what we’re building and for ...

Google Offers Up to $20,000 in New AI Bug Bounty Program

The company has updated the program’s scope and has combined the rewards for abuse and security issues into a single table. The post Google Offers Up to $20,000 in New AI Bug Bounty Program appeared first on SecurityWeek.

Salesforce Refuses to Pay Ransom to Data-Stealing Hackers

Salesforce is refusing a demand by the hackers behind that widespread data-stealing attacks on its customers, which threatened to release massive amounts of the data unless the SaaS vendor negotiated a ransom payment. In an email, Salesforce ...

Realm.Security Redefines Security Data Pipelines with AI, Raises $15M to Accelerate Next-Gen SOC Operations

Realm.Security, the company pioneering an AI-native Security Data Pipeline Platform (SDPP), today announced a $15 million Series A funding round led by Jump Capital, with participation from Glasswing Ventures and Accomplice. The post ...

From Bottleneck to Enabler: A New Approach to API Security in the Age of AI

AI adoption has fundamentally redefined the role of APIs. They are no longer just conduits for data; they have become the “AI action plane” for autonomous systems. Every AI workflow, agent, and tool call now rides on an API, exposing a ...

Miggo Security Named a Gartner® Cool Vendor in AI Security

Tel Aviv, Israel, 8th October 2025, CyberNewsWire The post Miggo Security Named a Gartner® Cool Vendor in AI Security appeared first on Security Boulevard.

North Korean hackers stole over $2 billion in cryptocurrency this year

North Korean hackers have stolen more than $2 billion in cryptocurrency in 2025, according to blockchain analytics firm Elliptic, and the year isn’t over yet. Though this year’s record losses are driven largely by the February attack on ...

CamoLeak: Critical GitHub Copilot Vulnerability Leaks Private Source Code

Get details on our discovery of a critical vulnerability in GitHub Copilot Chat. The post CamoLeak: Critical GitHub Copilot Vulnerability Leaks Private Source Code appeared first on Security Boulevard.

North Korean Hackers Have Stolen $2 Billion in Cryptocurrency in 2025

The hackers are believed to have stolen over $6 billion for the Pyongyang regime, financing its military programs. The post North Korean Hackers Have Stolen $2 Billion in Cryptocurrency in 2025 appeared first on SecurityWeek.

Radiflow Unveils New OT Security Platform

Radiflow360 provides enhanced visibility, risk management, and incident response capabilities for mid-sized industrial enterprises.  The post Radiflow Unveils New OT Security Platform appeared first on SecurityWeek.

Ransomware Group Claims Attack on Beer Giant Asahi

The hackers claim the theft of 27 gigabytes of data, including contracts, employee information, and financial documents. The post Ransomware Group Claims Attack on Beer Giant Asahi appeared first on SecurityWeek.