Application Security News and Articles
A series of actively exploited zero-day vulnerabilities affecting Windows, Google Chrome, and Apple platforms was disclosed in mid-December, according to The Hacker News, reinforcing a persistent reality for defenders: attackers no longer wait ...
A Chrome browser extension with 6 million users, as well as seven other Chrome and Edge extensions, have for months been silently collecting data from every AI chatbot conversation, packaging it, and then selling it to third parties like ...
Attackers are exploiting a recently revealed vulnerability (CVE-2025-59718) to bypass authentication on Fortinet’s FortiGate firewalls, and are leveraging the achieved access to export their system configuration files, Arctic Wolf ...
The Monetary Authority of Singapore’s cloud advisory, part of its 2021 Technology Risk Management Guidelines, advises financial institutions to move beyond siloed monitoring to adopt a continuous, enterprise-wide approach. These firms must ...
The trucking industry group has released its 2026 Transportation Industry Cybersecurity Trends Report.
The post NMFTA Warns of Surge and Sophistication of Cyber-Enabled Cargo Theft appeared first on SecurityWeek.
As holiday lights go up and inboxes fill with year-in-review emails, it’s tempting to look back on 2025 as “the year of AI.”
But for security teams, it was something more specific – the year APIs, AI agents, and MCP servers collided ...
A first-person journey from undetected fraud to defending trust—how life events, neurodiversity, and hard-won insight shaped a former fraudster into a fraud fighter.
The post Hacker Conversations: Alex Hall, One-time Fraudster appeared first on ...
The malware provides full device control and real-time surveillance capabilities like those of advanced spyware.
The post New $150 Cellik RAT Grants Android Control, Trojanizes Google Play Apps appeared first on SecurityWeek.
Let’s be honest — passwords are a pain. They’re either too simple and easy to guess, or so complicated […]
The post How Passkeys Work (Explained Simply) appeared first on Security Boulevard.
Raise your hand if you’ve fallen victim to a vendor-led conversation around their latest AI-driven platform over the past calendar year. Keep it up if the pitch leaned on “next-gen,” “market-shaping,” or “best-in-class” while they ...
Cybersecurity has always evolved in response to attacker innovation, but the pace of change over the last few years has been unprecedented—particularly with the emergence of weaponized AI to scale phishing, deepfakes, and voice cloning. As we ...
Led by Bain Capital Ventures, the investment round brings the total raised by the company to $146.5 million.
The post Adaptive Security Raises $81 Million in Series B Funding appeared first on SecurityWeek.
It’s not always immediately clear why your IP has been listed or how to fix it. To help, we’ve added a new “troubleshooting” step to the IP & Domain Reputation Checker, specifically for those whose IPs have been listed on the Combined ...
The malware hijacks purchase commissions, tracks users, removes security headers, injects hidden iframes, and bypasses CAPTCHA.
The post GhostPoster Firefox Extensions Hide Malware in Icons appeared first on SecurityWeek.
In an era marked by escalating cyber threats and evolving risk landscapes, organisations face mounting pressure to strengthen their security posture whilst maintaining seamless user experiences. At Thales, we recognise that robust security must ...
A seismic shift in digital systems is underway — and most people are missing it.
While generative AI demos and LLM hype steal the spotlight, enterprise infrastructure is being quietly re-architected, not from ...
Originally published at IP Blacklist Check: How to Recover and Prevent Blacklisted IP Addresses by EasyDMARC.
When your emails suddenly stop reaching inboxes, one ...
LKQ said the personal information of thousands of individuals was compromised as a result of the hacker attack.
The post Auto Parts Giant LKQ Confirms Oracle EBS Breach appeared first on SecurityWeek.
Trellix announced Trellix NDR innovations, strengthening OT-IT security with integrated visibility across complex environments, enhanced detection capabilities, and automated investigation and response to reduce the threat detection-to-response ...
XM Cyber announced an update to its platform that connects External Attack Surface Management with internal risk validation, closing the gap between what’s exposed outside and what exists inside. By bridging these two worlds, XM Cyber now ...