Application Security News and Articles


Exploited Vulnerability Exposes Over 400 SAP NetWeaver Servers to Attacks

More than 400 SAP NetWeaver servers are impacted by CVE-2025-31324, an exploited remote code execution vulnerability. The post Exploited Vulnerability Exposes Over 400 SAP NetWeaver Servers to Attacks appeared first on SecurityWeek.

Kovrr Launches First-Ever CRQ-Powered Cyber Risk Register

Articles related to cyber risk quantification, cyber risk management, and cyber resilience. The post Kovrr Launches First-Ever CRQ-Powered Cyber Risk Register appeared first on Security Boulevard.

Phishing 3.0: Trust, Deepfakes, and Why Your Inbox Might Betray You

In his recent post, our CEO, Eyal Benishti, sounded the phishing alarm for all to hear. The message? The traditional foundation of digital business communication, trust, is collapsing under the weight of AI-driven attacks. The post Phishing 3.0: ...

Assessment of DPRK IT Worker Tradecraft | Nisos Research 2025

Since early 2023 Nisos has been investigating and monitoring North Korean (DPRK) IT workers, who use fake personas and stolen identities to fraudulently obtain remote ...

Aqua Security unveils Secure AI for protecting workloads from code to cloud

Aqua Security has unveiled the next phase of its AI security strategy with the introduction of Secure AI, full lifecycle security from code to cloud to prompt. These new capabilities secure AI applications through the development process and into ...

What QSAs Are Saying About PCI DSS 4.0.1 and eSkimming Controls

By Source Defense. On a recent Source Defense roundtable, seasoned QSAs gathered to discuss the latest PCI DSS 4.0.1 updates—specifically requirements 6.4.3 and 11.6.1—and how organizations should respond. What followed was a frank, practical, ...

CISA Warns of Exploited Broadcom, Commvault Vulnerabilities

CISA urges immediate patching for recently disclosed Broadcom, Commvault, and Qualitia vulnerabilities exploited in the wild. The post CISA Warns of Exploited Broadcom, Commvault Vulnerabilities appeared first on SecurityWeek.

Varonis AI Shield helps employees use AI without putting data at risk

Varonis announced always-on AI risk defense that continuously identifies data exposure in real time, flags violations, and automatically fixes issues before they can become data breaches. In organizations with poor data security posture, ...

Huntress upgrades Managed ITDR to disrupt hacker tradecraft

Huntress has unveiled its newly enhanced Managed Identity Threat Detection and Response (ITDR) solution, purpose-built to wreck hacker identity tradecraft, alongside new research on the growing threat of identity-based attacks and ...

Bugcrowd enables organizations to test their security environments

Bugcrowd’s new service connects customers with a global network of vetted ethical hackers for a variety of red team engagements—fully managed through the Bugcrowd Platform. This release sets a new benchmark in the red team services ...

2025 – The International Year of Quantum Science and Technology

(divya, Tue, 04/29/2025 - 07:48) It is no surprise that the United Nations declared 2025 as the International Year of Quantum Science and Technology (IYQ). Not only does it mark the ...

Arctic Wolf launches Cipher to enhance security investigations with AI insights

Arctic Wolf has introduced Cipher, an AI security assistant that provides customers with self-guided access to deeper security insights directly within the Arctic Wolf Aurora Platform. Cipher enhances investigations and alert comprehension by ...

Netwrix boosts identity and data security for Microsoft environments

Netwrix unveiled new solutions and capabilities across its 1Secure SaaS platform. Its new Data Security Posture Management (DSPM) solution identifies and eliminates data exposures within Microsoft 365 environments and will be available in May. ...

Oasis NHI Provisioning automates the provisioning of NHIs and their credentials

Oasis Security launched Oasis NHI Provisioning, a capability that automates the creation, governance, and security of non-human identities (NHIs) from their inception. Built into the Oasis NHI Security Cloud, this solution addresses the critical ...

Lumu SecOps Platform allows teams to unify their entire security stack

Lumu released Lumu SecOps Platform, a fully integrated Security Operations (SecOps) platform that unifies threat detection, response, automation, compliance, and intelligence across the network, identities and endpoints—delivering full attack ...

Desired Effect Marketplace: Researchers Get Their Due, Defenders Get Realtime Info on Zero Days 

Desired Effect, if it operates as billed, opens up a world of cutting-edge research to defenders, including zero-day vulnerability data and tailored exploit products. The post Desired Effect Marketplace: Researchers Get Their Due, Defenders Get ...

Eyes, ears, and now arms: IoT is alive

I’ve never quite seen anything like this in my two decades of working in the Internet of Things (IoT) space. In just a few years, devices at home and work started including cameras to see and microphones to hear. Now, with new lines of vacuums ...

Sumo Logic unveils innovations across AI, automation, and threat intelligence

Sumo Logic announced a number of new security capabilities that help organizations build and operate intelligent security operations to reduce risks, accelerate threat containment, and ensure stronger security postures. “With the rise of ...

Futureproofing Enterprise Cloud Security: Navigating Cloud Key Management Complexity

In multicloud environments, where networks stretch beyond traditional private infrastructures and are accessible over the internet, protecting encryption keys is essential for achieving robust security. The post Futureproofing Enterprise Cloud ...

Best Tool for Mobile App Pentest in 2025

Your mobile application is not just any software. It is the face of a brand for some organizations, like e-commerce, and for some, it instills trust among its clients by bringing forth efficiency and accessibility, like BFSI. Moreover, with the ...