Application Security News and Articles
Don’t let hidden cloud risks become tomorrow’s headline breach. The time to dismantle the toxic cloud trilogy is now. Here’s how Tenable Cloud Security can help.
In today’s cloud environments, individual misconfigurations or ...
🚀 I Built a Local LLM Agent That Finds Secrets in Your CodeContinue reading on Medium »
Verax AI announced Verax Protect, a solution suitable even for companies in highly regulated industries, aiming to help large enterprises uncover and mitigate GenAI risks, including unintended leaks of sensitive data. As companies race to embrace ...
Nicholas Michael Kloster has pleaded guilty to computer hacking after targeting at least two organizations.
The post Man Who Hacked Organizations to Advertise Security Services Pleads Guilty appeared first on SecurityWeek.
The notorious BlueNoroff group from North Korea is using deepfake video and deceptive Zoom calls to steal cryptocurrency by enticing targets to unwittingly download malware onto their macOS devices and letting the hackers to get access into ...
Bonfy.AI has emerged from stealth mode to help organizations prevent cybersecurity, privacy and compliance risks.
The post Bonfy.AI Raises $9.5 Million for Adaptive Content Security Platform appeared first on SecurityWeek.
Here’s the thing about open-source software — it’s a gift. Someone out there wrote code and said, “Here, I’m sharing this code with you. Review it, use it, improve it, create something amazing.” Then pay it forward: publish your code ...
Discover practical strategies security teams can use to investigate suspicious activity across SaaS apps, reduce alert noise, and respond to real threats faster.
The post How to Investigate Suspicious User Activity Across Multiple SaaS ...
CISA is urging federal agencies to patch a recent AMI BMC vulnerability and a half-a-decade-old bug in FortiOS by July 17.
The post CISA Warns AMI BMC Vulnerability Exploited in the Wild appeared first on SecurityWeek.
In recent conversations with prospective customers, one request keeps rising to the top: “Can you monitor Snowflake?” At first, it felt like a coincidence. But over multiple engagements, that urgency isn’t random – it reflects a deeper ...
The personal information of 167,000 individuals was compromised in an October 2024 data breach at Central Kentucky Radiology.
The post Central Kentucky Radiology Data Breach Impacts 167,000 appeared first on SecurityWeek.
Overview of the current cyber attacks in the Iran-Israel conflict The geopolitical confrontation between Iran and Israel has a long history. In recent years, as the competition between the two countries in the military, nuclear energy and ...
ClickFix, a deceptive attack method, saw a surge of more than 500% in the first half of 2025, making it the second most common attack vector after phishing, according to ESET’s latest Threat Report. The report, which looks at trends from ...
Two critical vulnerabilities in Cisco ISE could allow remote attackers to execute arbitrary code with root privileges.
The post Critical Cisco ISE Vulnerabilities Allow Remote Code Execution appeared first on SecurityWeek.
25-year-old Kai West, believed to be the hacker IntelBroker, was arrested in France and charged by the United States.
The post British Man Suspected of Being the Hacker IntelBroker Arrested, Charged appeared first on SecurityWeek.
Overview Recently, NSFOCUS CERT detected that Gogs issued a security bulletin and fixed the Gogs remote command execution vulnerability (CVE-2024-56731); Due to the incomplete CVE-2024-39931 fix, an authenticated attacker can delete files in the ...
Bitdefender announced Bitdefender GravityZone External Attack Surface Management (EASM), a new solution that gives businesses, managed service providers (MSPs) and their customers comprehensive visibility into their internet-facing assets and ...
AI has had dramatic impacts on almost every facet of every industry. API security is no exception. Up until recently, defending APIs meant guarding against well-understood threats. But as AI proliferates, automated adversaries, AI-crafted ...
Citrix has released patches for a critical vulnerability in NetScaler ADC and NetScaler Gateway exploited as a zero-day.
The post Critical Citrix NetScaler Flaw Exploited as Zero-Day appeared first on SecurityWeek.
Google has open-sourced a command-line interface (CLI) agent built on its Gemini 1.5 Pro model, marking a notable step toward making generative AI more inspectable, extensible, and usable for developers working outside the IDE. The tool, simply ...
