Application Security News and Articles
Vibe coding might sound like a trendy term, but it's really just developing software without automated checks and quality gates. Traditional engineering disciplines have always relied on safety measures and quality controls, so vibe coding should ...
Cyolo announced several major new capabilities, headlined by Cyolo Third-Party VPN Control. This capability within the company’s Cyolo PRO (Privileged Remote Operations) solution delivers visibility and access control for enforced third-party ...
The UK government has appointed Blaise Florence Metreweli as the next Chief of the Secret Intelligence Service (SIS), also known as MI6. Metreweli will take up the role, traditionally referred to by the codename “C,” succeeding Sir ...
In 2025, app store security threats have reached unprecedented levels, driven by increasingly sophisticated cybercriminal tactics and expanding attack surfaces.
The post App Store Security Threats in 2025: Why Hackers Target Mobile Ecosystems ...
The Archetyp Market drug marketplace has been targeted by law enforcement in an operation involving takedowns and arrests.
The post Archetyp Dark Web Market Shut Down by Law Enforcement appeared first on SecurityWeek.
Vulnerabilities affecting the SinoTrack GPS tracking platform may allow attackers to keep tabs on vehicles’ location and even perform actions such as disconnecting power to vehicles’ fuel pump (if the tracker can interact with a ...
The Microsoft email accounts of several Washington Post journalists whose coverage includes national security and economic policy, including China, where hacked and could give the bad actors access to the messages that were sent and received.
The ...
CyberSaint Named in the 2025 Gartner® Market Guide for Third-Party Risk Management Technology Solutions
CyberSaint has been named a Representative Vendor in the 2025 Gartner® Market Guide for Third-Party Risk Management (TPRM) Technology ...
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this post, Jorge Orchilles, Senior Director of Readiness and Proactive ...
Law enforcement authorities across Europe have dismantled Archetyp Market, the most enduring dark web drug market, following a large-scale operation involving six countries, supported by Europol and Eurojust. Between 11 and 13 June, a series of ...
Asheville Eye Associates says the personal information of 147,000 individuals was stolen in a November 2024 data breach.
The post Asheville Eye Associates Says 147,000 Impacted by Data Breach appeared first on SecurityWeek.
The Indian car sharing marketplace Zoomcar learned that its systems were hacked after a threat actor contacted employees.
The post Zoomcar Says Hackers Accessed Data of 8.4 Million Users appeared first on SecurityWeek.
Introduction Modern applications are increasingly powered by large language models (LLMs) that don’t just generate text—they can call live APIs, query databases, and even trigger automated workflows. The Model Context Protocol (MCP) makes ...
The KillSec ransomware group has stolen hundreds of gigabytes of data from Ireland-based eyecare technology company Ocuco.
The post 240,000 Impacted by Data Breach at Eyecare Tech Firm Ocuco appeared first on SecurityWeek.
The emerging Anubis ransomware becomes a major threat, permanently deleting user files and making recovery impossible.
The post Anubis Ransomware Packs a Wiper to Permanently Delete Files appeared first on SecurityWeek.
A strong AI deployment starts with asking the right questions, mapping your risks, and thinking like an adversary — before it’s too late.
The post Red Teaming AI: The Build Vs Buy Debate appeared first on SecurityWeek.
Artificial intelligence is changing everything – from how we search for answers to how we decide who gets hired, flagged, diagnosed, or denied.
Related: Does AI take your data?
It offers speed and precision at unprecedented scale. But without ...
In an era of growing cyber threats, enterprises must move beyond basic cybersecurity to prevent data breaches. This article explores the importance of a layered security approach, with a focus on automated certificate lifecycle management (CLM), ...
The cyber domain is a primary theater in the Israel-Iran conflict. Organizations across Israel must be aware and brace for a wave of sophisticated and ideologically driven cyberattacks.
The post Hacktivists Strike Within Minutes of Israel Missile ...
Three high-severity Tenable Agent vulnerabilities could allow users to overwrite and delete files, or execute arbitrary code, with System privileges.
The post High-Severity Vulnerabilities Patched in Tenable Nessus Agent appeared first on ...
