Application Security News and Articles
In this Help Net Security interview, Dan DeCloss, Founder and CTO at PlexTrac, discusses the role of exposure management in cybersecurity and how it helps organizations gain visibility into their attack surface to improve risk assessment and ...
Sports fans and cybercriminals both look forward to major sporting events, but for very different reasons. Fake ticket sites, stolen login details, and DDoS attacks are common ways criminals try to make money or disrupt an event. Why are sports ...
In this Help Net Security video, Art Poghosyan, CEO at Britive, explores the rise of agentic AI and its impact on identity security. As autonomous AI agents begin to think, act, and interact more like humans, traditional identity and access ...
Most organizations are exposing sensitive data through APIs without security controls in place, and they may not even realize it, according to Raidiam. Their report, API Security at a Turning Point, draws on a detailed assessment of 68 ...
Analyst III-Threat Intel Verizon Data Services | India | Hybrid As an Analyst III-Threat Intel, you will deploy security tools, analyze logs and endpoints, and assess threats across Verizon’s enterprise and ...
CVE-2025-6554 and three other Chromium vulnerabilities could allow attackers to execute code and corrupt memory remotely.
The post Grafana Patches Chromium Bugs, Including Zero-Day Exploited in the Wild appeared first on SecurityWeek.
Generative AI (GenAI) is already deeply embedded in enterprises, whether managers realize it or not. Sales teams use it to craft emails, engineers run agents that generate and test code, and marketers rely on it for copywriting and campaign ...
A survey of 1,000 executives of organizations that generate less than $100 million in revenue finds 59% believe the right amount of budget is being allocated to cybersecurity, with 64% noting they also believe their organization is too small to ...
The notorious Hive successor ceases ransomware operations but pivots to pure data extortion under the new World Leaks brand.
The post Hunters International Shuts Down, Offers Free Decryptors as It Morphs Into World Leaks appeared first on ...
The IT products and services giant did not say how the intrusion occurred or whether any data was stolen from its systems.
The post Ingram Micro Scrambling to Restore Systems After Ransomware Attack appeared first on SecurityWeek.
If the analysis by researchers at CyberNews is on point, then a massive breach involving 16 billion records previously slipped under the radar and represents the largest of its kind so far.
The post 16 Billion Exposed Records Offer Blueprint ...
There was a barrage of updates released the week of June 2025 Patch Tuesday. This included security updates from Adobe, Google, Microsoft, Mozilla, and others. But it has been ‘calm’ the past couple of weeks. The news and message boards were ...
In this Help Net Security interview, John Morello, CTO at Minimus, discusses the security risks in AI-driven development, where many dependencies are pulled in quickly. He explains why it’s hard to secure software stacks that no one fully ...
Aegis Authenticator is an open-source 2FA app for Android that helps you manage login codes for your online accounts. The app features strong encryption and the ability to back up your data. It supports both HOTP and TOTP, so it works with ...
Attack Surface Management (ASM) has become one of those buzzwords that gets used a lot but rarely explained in detail. The authors of this book offer a practical guide that aims to change that. About the authors: Ron Eddings is the Executive ...
Researchers from the University of Pretoria presented a new technique for detecting tampering in PDF documents by analyzing the file’s page objects. The technique employs a prototype that can detect changes to a PDF document, such as changes ...
While most enterprises have integrated cloud resources into their operations, many need to improve their ability to secure these environments and the data they contain, according to Thales. Cloud security challenges go beyond technology: The ...
Five months after sanctioning Zservers, the U.S. Treasury Department targeted Aeza Group, another Russia-based bulletproof hosting services provider, for allowing threat actors to host ransomware and other campaigns on its infrastructure, which is ...
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463): If you haven’t recently updated the Sudo utility on ...
Officials identified the suspect as João Roque, a C&M employee who worked in information technology and allegedly helped others gain unauthorized access to PIX systems.
The post Police in Brazil Arrest a Suspect Over $100M Banking Hack ...