Application Security News and Articles
SANTA CLARA, Calif., November 4, 2025 – The 18th Global Security Analyst Summit (SAS) concluded successfully in Khao Lak, Thailand. Focused on the complexity of APT attacks, the summit exposed the latest attack activities from Hacking Team ...
How Are Non-Human Identities Redefining Cybersecurity? Where cyber threats continue to evolve and multiply, how can organizations effectively safeguard their digital assets? The answer lies in the emerging focus on Non-Human Identities (NHIs). ...
How Can Robust NHI Management Transform Your Cybersecurity Strategy? How non-human identities (NHI) can strengthen your organization’s cybersecurity framework? Efficiently managing NHIs is pivotal for seamless security operations. While human ...
How Does Managing Non-Human Identities Revolutionize Cyber Defense? How can organizations enhance their defenses while managing the myriad of machine identities that populate their networks? The answer lies in Non-Human Identities (NHIs), which ...
As AI agents become integral to cloud native applications, the Model Context Protocol (MCP) has emerged as a leading standard for enabling these agents to interact with external tools and data sources. But with this new architectural pattern ...
Synthetic identity theft — where criminals combine real and fabricated data to create entirely new “people” — is one of the fastest-growing forms of digital fraud. Unlike traditional identity theft, which steals from real individuals, ...
SESSION Session 1D: System-Level Security
Authors, Creators & Presenters: Yuan Li (Zhongguancun Laboratory & Tsinghua University), Chao Zhang (Tsinghua University & JCSS & Zhongguancun Laboratory), Jinhao Zhu (UC Berkeley), ...
Ransomware attacks continue to evolve into sophisticated strategic and psychological operations. Threat actors are always seeking ways to maximize their illicit gains, and they’ve now discovered a powerful piece to leverage: a ...
via the comic artistry and dry wit of Randall Munroe, creator of XKCD
Permalink
The post Randall Munroe’s XKCD ‘’Physics Insight” appeared first on Security Boulevard.
We have spent what seems like an eternity of our careers trying to wrangle access issues. We set up our shiny SSO portals, federate the big apps, and feel pretty good. We have a “bubble” of control. But that bubble popped. Reality is ...
Yuriy Igorevich Rybtsov, aka MrICQ, was arrested in Italy and lost his appeal to avoid extradition to the US.
The post Ukrainian Extradited to US Faces Charges in Jabber Zeus Cybercrime Case appeared first on SecurityWeek.
A third-party data breach is no longer a peripheral concern; it is a direct threat to an organization’s operational integrity, data security, and regulatory compliance. When a vendor or supplier experiences a security incident, the impact ...
AI is rewriting the traditional software development playbook. Developers are adopting AI on the ground, output is exploding, and leaders are being asked to convert promise into predictable velocity.
The post Vibe, then verify: How to navigate ...
SESSION
Session 1D: System-Level Security
Authors, Creators & Presenters: Hang Zhang (Indiana University Bloomington), Jangha Kim (The Affiliated Institute of ETRI, ROK), Chuhong Yuan (Georgia Institute of Technology), Zhiyun Qian (University ...
To deploy AI tools securely and ethically, teams must balance innovation with accountability—establishing strong governance, upskilling developers, and enforcing rigorous code reviews.
The post How Software Development Teams Can Securely and ...
The volume of threat intelligence data has grown exponentially, but the ability to interpret and act on it has not. Every day brings new CVE disclosures, exploit releases, and vendor advisories. Teams are buried under overlapping feeds, ...
CISO burnout is increasing. Are we simply more aware of the condition? Or have demands on the CISO grown and burnout is now the inevitable result? In 2019, burnout was defined by the World Health Organization as an occupational phenomenon ...
Kolter leads a panel at OpenAI that has the authority to halt the ChatGPT maker’s release of new AI systems if it finds them unsafe.
The post Who is Zico Kolter? A Professor Leads OpenAI Safety Panel With Power to Halt Unsafe AI Releases ...
Zenity announced runtime protection for OpenAI’s AgentKit, providing enterprise-grade enforcement that detects and blocks data leakage, secret exposure and unsafe agent behavior in real time. This launch follows Zenity Labs’ recent research ...
Tidal Cyber is proud to announce the release of NARC AI (Natural Attack Reading and Comprehension), the first AI engine purpose-built to automatically extract adversary procedures and MITRE ATT&CK-aligned threat intelligence from unstructured ...
