Application Security News and Articles
Cast your mind back to May of this year: Congress was in the throes of debate over the massive budget bill. Amidst the many seismic provisions, Senator Ted Cruz dropped a ticking time bomb of tech policy: a ten-year moratorium on the ability of ...
Learn what Business Email Compromise (BEC) is, how to spot common scams, respond to attacks, and use SPF, DKIM, and DMARC to prevent future fraud.
The post BEC: Explaining Business Email Compromise appeared first on Security Boulevard.
The sovereign smartphone OS runs along Android or iOS, allowing users to switch between secure, isolated environments.
The post Soverli Raises $2.6 Million for Secure Smartphone OS appeared first on SecurityWeek.
Atlassian has released software updates for Bamboo, Bitbucket, Confluence, Crowd, Fisheye/Crucible, and Jira.
The post Atlassian Patches Critical Apache Tika Flaw appeared first on SecurityWeek.
Apple has issued security updates with fixes for two WebKit vulnerabilities (CVE-2025-14174, CVE-2025-43529) that have been exploited as zero-days. Several days before the release of these updates, Google fixed CVE-2025-14174 in the desktop ...
This is the third installment in our four-part 2025 Year-End Roundtable. In Part One, we explored how accountability got personal. In Part Two, we examined how regulatory mandates clashed with operational complexity.
Part three of a four-part ...
Navigating the Most Complex Regulatory Landscapes in Cybersecurity Financial services and healthcare organizations operate under the most stringent regulatory frameworks in existence. From HIPAA and PCI-DSS to GLBA, SOX, and emerging regulations ...
Nathan Austad admitted in court to launching a credential stuffing attack against a fantasy sports and betting website.
The post Third DraftKings Hacker Pleads Guilty appeared first on SecurityWeek.
The cybersecurity battlefield has changed. Attackers are faster, more automated, and more persistent than ever. As businesses shift to cloud, remote work, SaaS, and distributed infrastructure, their security needs have outgrown traditional IT ...
Explore the best enterprise data solutions powering real-time, governed, and scalable AI platforms across analytics, ML, and operations.
The post Best Enterprise Data Solutions in 2025: Real-Time Foundations for AI at Scale appeared first on ...
Hackers stole names, addresses, dates of birth, and Social Security numbers from the credit report and identity verification services provider.
The post 700Credit Data Breach Impacts 5.8 Million Individuals appeared first on SecurityWeek.
Launching an AI initiative without a robust data strategy and governance framework is a risk many organizations underestimate. Most AI projects often stall, deliver poor...Read More
The post Can Your AI Initiative Count on Your Data Strategy and ...
Learn why modern SaaS platforms are adopting passwordless authentication to improve security, user experience, and reduce breach risks.
The post Why Modern SaaS Platforms Are Switching to Passwordless Authentication appeared first on Security ...
Apple has released macOS and iOS updates to patch two WebKit zero-days exploited in an “extremely sophisticated” attack.
The post Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw appeared first on SecurityWeek.
OffSec has released Kali Linux 2025.4, a new version of its widely used penetration testing and digital forensics platform. Most of the changes are related to appearance and usability: Kali’s GNOME desktop environment now organizes Kali ...
Most enterprise breaches no longer begin with a firewall failure or a missed patch. They begin with an exposed identity. Credentials harvested from infostealers. Employee logins are sold on criminal forums. Executive personas impersonated to ...
Bugcrowd unveils AI Triage Assistant and AI Analytics to help security teams proactively defend against AI-driven cyberattacks by accelerating vulnerability analysis, reducing MTTR, and enabling preemptive security decisions.
The post ...
People are starting to hand more decisions to AI agents, from booking trips to sorting digital files. The idea sounds simple. Tell the agent what you want, then let it work through the steps. The hard part is what the agent does with personal ...
Prometheus is an open-source monitoring and alerting system built for environments where services change often and failures can spread fast. For security teams and DevOps engineers, it has become a common way to track system behavior, spot early ...
Mobile security has long depended on tight control over how apps and services interact with a device. A new paper from the Center for Cybersecurity Policy and Law warns that this control may weaken as the European Union’s Digital Markets Act ...
