Application Security News and Articles


MITRE Releases 2025 List of Top 25 Most Dangerous Software Vulnerabilities

XSS remains the top software weakness, followed by SQL injection and CSRF. Buffer overflow issues and improper access control make it to the top 25. The post MITRE Releases 2025 List of Top 25 Most Dangerous Software Vulnerabilities appeared first on ...

Microsoft Bug Bounty Program Expanded to Third-Party Code

All critical vulnerabilities in Microsoft, third-party, and open source code are eligible for rewards if they impact Microsoft services. The post Microsoft Bug Bounty Program Expanded to Third-Party Code appeared first on SecurityWeek.

Notepad++ Patches Updater Flaw After Reports of Traffic Hijacking

Notepad++ found a vulnerability in the way the software updater authenticates update files. The post Notepad++ Patches Updater Flaw After Reports of Traffic Hijacking appeared first on SecurityWeek.

Swissbit adds HID Seos to iShield Key 2

Swissbit is expanding its portfolio of multi-application security keys with the launch of the iShield Key 2, introducing a new variant featuring HID Seos, one of the most widely used credential technologies for physical access control. Following ...

Firewalla Orange brings zero trust anywhere

Firewalla announced Firewalla Orange, a portable multi-gigabit cybersecurity firewall and Wi-Fi 7 router designed to reset expectations for how networks should be protected. Firewalla Orange delivers more than 2 gigabits of packet processing ...

AI Threat Detection: How Machines Spot What Humans Miss

Discover how AI strengthens cybersecurity by detecting anomalies, stopping zero-day and fileless attacks, and enhancing human analysts through automation. The post AI Threat Detection: How Machines Spot What Humans Miss appeared first on Security ...

$320,000 Paid Out at Zeroday.Cloud for Open Source Software Exploits

Participants earned rewards at the hacking competition for Grafana, Linux Kernel, Redis, MariaDB, and PostgreSQL vulnerabilities. The post $320,000 Paid Out at Zeroday.Cloud for Open Source Software Exploits appeared first on SecurityWeek.

What 35 years of privacy law say about the state of data protection

Privacy laws have expanded around the world, and security leaders now work within a crowded field of requirements. New research shows that these laws provide stronger rights and duties, but the protections do not always translate into reductions ...

LLM privacy policies keep getting longer, denser, and nearly impossible to decode

People expect privacy policies to explain what happens to their data. What users get instead is a growing wall of text that feels harder to read each year. In a new study, researchers reviewed privacy policies for LLMs and traced how they ...

How Root Cause Analysis Improves Incident Response and Reduces Downtime?

Security incidents don’t fail because of a lack of tools; they fail because of a lack of insight. In an environment where every minute of downtime equals revenue loss, customer impact, and regulatory risk, root cause analysis has become a ...

Ransomware keeps widening its reach

Ransomware keeps shifting into new territory, pulling in victims from sectors and regions that once saw fewer attacks. The latest Global Threat Briefing for H2 2025 from CyberCube shows incidents spreading in ways that make it harder for security ...

Uneven regulatory demands expose gaps in mobile security

Mobile networks carry a great deal of the world’s digital activity, which makes operators a frequent target for attacks. A study released by the GSMA shows that operators spend between $15 and $19 billion a year on core cybersecurity functions. ...

New infosec products of the week: December 12, 2025

Here’s a look at the most interesting products from the past week, featuring releases from Apptega, Backslash Security, BigID, Black Kite, Bugcrowd, NinjaOne, Nudge Security, and Veza. Apptega Policy Manager streamlines policy creation and ...

Hong Kong’s New Critical Infrastructure Ordinance will be effective by 1 January 2026 – What CIOs Need to Know

As the clock ticks down to the full enforcement of Hong Kong’s Protection of Critical Infrastructures (Computer Systems) Ordinance on January 1, 2026, designated operators of Critical Infrastructures (CI) and Critical Computer Systems (CCS) ...

Trump Signs Executive Order to Block State AI Regulations

Members of Congress from both parties have pushed for more regulations on AI, saying there is not enough oversight for the powerful technology. The post Trump Signs Executive Order to Block State AI Regulations appeared first on SecurityWeek.

Behavioral Analysis of AI Models Under Post-Quantum Threat Scenarios.

Explore behavioral analysis techniques for securing AI models against post-quantum threats. Learn how to identify anomalies and protect your AI infrastructure with quantum-resistant cryptography. The post Behavioral Analysis of AI Models Under ...

Learn about changes to your online account management

Discover the latest changes in online account management, focusing on Enterprise SSO, CIAM, and enhanced security. Learn how these updates streamline login processes and improve user experience. The post Learn about changes to your online account ...

Is Facial Recognition Classified as a Passkey?

Explore if facial recognition meets the criteria to be classified as a passkey. Understand the security, usability, and standards implications for passwordless authentication. The post Is Facial Recognition Classified as a Passkey? appeared first ...

News alert: INE sees surge in Q4 budget shifts as enterprises embrace hands-on training for AI roles

CARY, N.C., Dec. 11, 2025, CyberNewswire — With 90% of organizations facing critical skills gaps (ISC2) and AI reshaping job roles across cybersecurity, cloud, and IT operations, enterprises are rapidly reallocating L&D budgets toward ...

Can secrets vaulting bring calm to your data security panic?

How Can Organizations Securely Manage Non-Human Identities in Cloud Environments? Have you ever wondered how the rapid growth in machine identities impacts data security across various industries? As technology continues to advance, the ...