Application Security News and Articles


Exploited Vulnerability Impacts Over 80,000 Roundcube Servers

Exploitation of a critical-severity RCE vulnerability in Roundcube started only days after a patch was released. The post Exploited Vulnerability Impacts Over 80,000 Roundcube Servers appeared first on SecurityWeek.

How Security Teams Can Scale Safely With Agentic AI

I’ve seen firsthand how quickly cybersecurity can evolve. The scope grows with every new platform, integration and compliance requirement. Threats move faster, data multiplies and expectations continue to rise, even when teams stay the same ...

Vulnerabilities Exposed Phone Number of Any Google User

Google has awarded $5,000 to a researcher who found security holes that enabled brute-forcing the phone number of any user.  The post Vulnerabilities Exposed Phone Number of Any Google User appeared first on SecurityWeek.

Feel the FOMO: Unlocking the Future of GRC Automation

If you’ve been around the governance, risk and compliance (GRC) space for a while, you likely remember the days when GRC workflows involved manually collecting screenshots from several systems, filling out control statuses in spreadsheets and ...

Navigating Data Security Challenges in Cloud Computing for Universities

While the cloud is generally more secure than on-premise deployments, it is not immune to vulnerabilities. The post Navigating Data Security Challenges in Cloud Computing for Universities appeared first on Security Boulevard.

Cymulate streamlines threat detection with AI-powered detection engineering assistant

Cymulate releaseed AI-powered detection engineering assistant for security information and event management (SIEM) rule threat coverage validation. Now, the Cymulate Platform automates and streamlines the detection engineering process for blue ...

Thales File Activity Monitoring enhances enterprise control over unstructured data

Thales launched Thales File Activity Monitoring, a new capability within the Thales CipherTrust Data Security Platform that enhances enterprise visibility and control over unstructured data, enabling organizations to monitor file activity in real ...

Whole Foods Distributor United Natural Foods Hit by Cyberattack

United Natural Foods has taken some systems offline after detecting unauthorized activity on its IT systems, causing disruptions to operations. The post Whole Foods Distributor United Natural Foods Hit by Cyberattack appeared first on SecurityWeek.

NIST Launches Updated Incident Response Guide

The National Institute of Standards and Technology (NIST) has released a long-awaited update to its incident response guidance: Special Publication 800-61 Revision 3 (SP 800-61r3). This new version, titled “Incident Response Recommendations and ...

The legal questions to ask when your systems go dark

At Span Cyber Security Arena, I sat down with Iva Mišković, Partner at the ISO-certified Mišković & Mišković law firm, to discuss the role of legal teams during cyber incidents. She shared why lawyers should assume the worst, ...

Patero CryptoQoR mitigates risks associated with quantum attacks

Patero launched CryptoQoR, a new crypto-agile software module that establishes secure communication channels and proactively mitigates security risks using hybrid post-quantum encryption. The solution can be readily deployed into existing ...

AI threats leave SecOps teams burned out and exposed

Security teams are leaning hard into AI, and fast. A recent survey of 500 senior cybersecurity pros at big U.S. companies found that 86% have ramped up their AI use in the past year. The main reason? They’re trying to keep up with a surge ...

Black Kite unveils AI-powered cyber assessments

Black Kite announced AI-powered cyber assessments, an automated solution for streamlining third-party cyber risk assessments. With its automation-led approach, Black Kite is redefining how enterprises assess risk across their vendor ecosystems to ...

Securing agentic AI systems before they go rogue

In this Help Net Security video, Eoin Wickens, Director of Threat Intelligence at HiddenLayer, explores the security risks posed by agentic AI. He breaks down how agentic AI functions, its potential to revolutionize business operations, and the ...

Cloud and AI drive efficiency, but open doors for attackers

AI adoption is increasing, with 84% of organizations now using AI in the cloud, according to Orca Security. But this innovation comes with new risks: 62% of organizations have at least one vulnerable AI package, and some of the most prevalent ...

Cybersecurity jobs available right now: June 10, 2025

The post Cybersecurity jobs available right now: June 10, 2025 appeared first on Help Net Security.

Identity’s New Frontier: AI, Machines, and the Future of Digital Trust

The identity industry faces its biggest shift yet: machines now outnumber humans 90:1 in digital systems. From AI-powered authentication to passwordless futures, discover the $61.74B transformation reshaping how we think about digital trust and ...

News alert: Seraphic launches BrowserTotal™ — a free AI-powered tool to stress test browser security

Tel Aviv, Israel, June 9, 2025, CyberNewswire — Seraphic Security, a leader in enterprise browser security, today announced the launch of BrowserTotal, a unique and proprietary public service enabling enterprises to assess their browser ...

Why agentic identities matter and what you need to know

We are entering the age of agentic AI — systems that don’t just assist but act. These agents can make decisions, carry out tasks, and adapt to changing contexts — autonomously. But with autonomy comes accountability. And the question ...

9 AI Infrastructure Terms: Must-Know Definitions

With the rise of AI across every industry, the buzzwords are flying fast—AI infrastructure, infrastructure for AI workloads, autonomous infrastructure, and more. The problem? These terms are often used interchangeably, and it’s easy to get ...