Application Security News and Articles


In Other News: McDonald’s Hack, 1,200 Arrested in Africa, DaVita Breach Grows to 2.7M

Noteworthy stories that might have slipped under the radar: cryptojacker sentenced to prison, ECC.fail Rowhammer attack, and Microsoft limits China’s access to MAPP. The post In Other News: McDonald’s Hack, 1,200 Arrested in Africa, ...

Chinese Silk Typhoon Hackers Exploited Commvault Zero-Day

Silk Typhoon was seen exploiting Citrix NetScaler and Commvault vulnerabilities for initial access to victim systems. The post Chinese Silk Typhoon Hackers Exploited Commvault Zero-Day appeared first on SecurityWeek.

Cybersecurity Snapshot: Industrial Systems in Crosshairs of Russian Hackers, FBI Warns, as MITRE Updates List of Top Hardware Weaknesses

Check out the FBI’s alert on Russia-backed hackers infiltrating critical infrastructure networks via an old Cisco bug. Plus, MITRE dropped a revamped list of the most important critical security flaws. Meanwhile, NIST rolled out a battle plan ...

AI Agents Need Data Integrity

Think of the Web as a digital territory with its own social contract. In 2014, Tim Berners-Lee called for a “Magna Carta for the Web” to restore the balance of power between individuals and institutions. This mirrors the original charter’s ...

Exploiting API4 — 8 Real-World Unrestricted Resource Consumption Attack Scenarios (and How to Stop Them)

Unrestricted Resource Consumption (API4:2023) is the only threat category in the OWASP API Security Top 10 explicitly dedicated to Denial of Service (DoS) and resource abuse. But despite being just one category, attackers can exploit it in many ...

Pro Tip for Cybercriminals… (Part 3)

This is my third in a three-part series unpacking OpenAI’s June 2025 threat intelligence report and what it signals for enterprise communication security. The post Pro Tip for Cybercriminals… (Part 3) appeared first on Security Boulevard.

Developer Who Hacked Former Employer’s Systems Sentenced to Prison

Davis Lu was sentenced to four years in prison for installing malicious code on employer’s systems and for deleting encrypted data. The post Developer Who Hacked Former Employer’s Systems Sentenced to Prison appeared first on SecurityWeek.

CPAP Medical Data Breach Impacts 90,000 People

CPAP Medical Supplies and Services has disclosed a data breach resulting from an intrusion that occurred in December 2024. The post CPAP Medical Data Breach Impacts 90,000 People appeared first on SecurityWeek.

AWS Trusted Advisor Tricked Into Showing Unprotected S3 Buckets as Secure

AWS has addressed a vulnerability that could have been leveraged to bypass Trusted Advisor’s S3 bucket permissions check. The post AWS Trusted Advisor Tricked Into Showing Unprotected S3 Buckets as Secure appeared first on SecurityWeek.

Interpol operation seizes $97 million in African cybercrime sweep

Authorities in Africa have arrested 1,209 people in an Interpol-led crackdown on cybercrime that targeted nearly 88,000 victims. (Image caption: 11,432 malicious infrastructures were dismantled during Operation Serengeti 2025. Source: Interpol.) Operation ...

Top 10 Frequently Asked Questions on ISO 27018 Compliance

As cloud adoption continues to rise, organizations are increasingly concerned about safeguarding personal data stored and processed by cloud service providers (CSPs). ISO/IEC 27018 is an internationally recognized standard that specifically ...

Hundreds Targeted in New Atomic macOS Stealer Campaign

Between June and August, over 300 entities were targeted with the Atomic macOS Stealer via malvertising. The post Hundreds Targeted in New Atomic macOS Stealer Campaign appeared first on SecurityWeek.

MITRE Updates List of Most Common Hardware Weaknesses

MITRE has updated the list of Most Important Hardware Weaknesses to align it with evolving hardware security challenges. The post MITRE Updates List of Most Common Hardware Weaknesses appeared first on SecurityWeek.

Who needs ISO 27001 compliance and why is it important?

Protecting sensitive information is more than a legal obligation, it’s a competitive advantage. Cyber threats, data breaches, and regulatory penalties are growing risks for organizations of all sizes. This is where ISO 27001 compliance plays a ...

Integrated SIEM-SOAR-EDR Platform

The cybersecurity landscape has reached a tipping point. Organizations are battling a constant barrage of advanced threats—ransomware, phishing, insider attacks, and zero-day exploits—that can cripple critical infrastructure and disrupt ...

Five ways OSINT helps financial institutions to fight money laundering

Here are five key ways OSINT tools can help financial firms develop advanced strategies to fight money laundering criminals. 1. Reveal complex networks and ownership structures: Money launderers often use layered networks of offshore entities and ...

What Constitutes an Enterprise Security System?

Explore the key elements of an enterprise security system, including access control, threat detection, and data protection. Learn how to build a resilient infrastructure. The post What Constitutes an Enterprise Security System? appeared first on ...

AI gives ransomware gangs a deadly upgrade

Ransomware continues to be the major threat to large and medium-sized businesses, with numerous ransomware gangs abusing AI for automation, according to Acronis. Ransomware gangs maintain pressure on victims: From January to June 2025, the number ...

Quickly Format Python Code for Better Readability

Learn how to quickly format Python code for better readability using a free Python beautifier tool. Save time and write clean, professional code. The post Quickly Format Python Code for Better Readability appeared first on Security Boulevard.

The new battleground for CISOs is human behavior

Attackers don’t always need a technical flaw. More often, they just trick your people. Social engineering works, and AI makes it harder to catch. Only about one in four cybersecurity teams are effective at collaborating with the broader ...