Application Security News and Articles
Insight No. 1 — We are frogs, falling asleep in security-debt stew
Companies are drowning in high-risk software security debt, with critical vulnerabilities festering for an average of 252 days before they’re fixed — long enough to turn ...
Noteworthy stories that might have slipped under the radar: Switzerland requires disclosure of critical infrastructure attacks, ESP32 chips don’t contain a backdoor, MassJacker cryptojacking malware.
The post In Other News: Swiss Breach ...
The ClickFix technique has been employed by cybercrime and APT groups for information stealer and other malware deployment.
The post ClickFix Widely Adopted by Cybercriminals, APT Groups appeared first on SecurityWeek.
Russian-Israeli LockBit ransomware developer Rostislav Panev has been extradited from Israel to the United States.
The post LockBit Ransomware Developer Extradited to US appeared first on SecurityWeek.
Measure the different level of risk inherent to all gen-AI foundational models and use that to fine-tune the operation of in-house AI deployments.
The post New AI Security Tool Helps Organizations Set Trust Zones for Gen-AI Models appeared first ...
APIs serve as essential links in today’s digital infrastructure, enabling data sharing and application integration. However, their widespread use has made them prime targets for attackers. Hence, strict compliance with security regulations is ...
Your guide on how to get through the conference with your sanity, energy, and key performance indicators (KPIs) intact.
The post RSA Conference Playbook: Smart Strategies from Seasoned Attendees appeared first on SecurityWeek.
Two Microsoft researchers have devised a new jailbreak method that bypasses the safety mechanisms of most AI systems.
The post New CCA Jailbreak Method Works Against Most AI Models appeared first on SecurityWeek.
The newly discovered SuperBlack ransomware has been exploiting two vulnerabilities in Fortinet firewalls.
The post Recent Fortinet Vulnerabilities Exploited in ‘SuperBlack’ Ransomware Attacks appeared first on SecurityWeek.
Corero Network Security announced the strategic advancement of AI capabilities across its product portfolio and operations—building on a long-standing legacy of intelligent, adaptive security solutions. For years, Corero’s SmartWall ONE ...
Cyber threats in 2025 require a proactive, adaptive approach. To stay ahead, CISOs must balance technical defenses, regulatory expectations, and human factors. By prioritizing AI-driven security, ransomware resilience, supply chain risk ...
Cloud pentesting involves manually or automatically exploiting vulnerabilities detected by a security expert or vulnerability scanner, simulating real-world hacker tactics to uncover weaknesses. By identifying these vulnerabilities, cloud ...
A recent report from Nozomi Networks Labs, based on an analysis of over 500,000 wireless networks worldwide, reveals that only 6% are adequately protected against wireless deauthentication attacks. Most wireless networks, including those in ...
Here’s a look at the most interesting products from the past week, featuring releases from Alloy, Detectify, Pondurance, and SimSpace. SimSpace Stack Optimizer allows organizations to measure their security technologies Stack Optimizer is ...
A devastating new remote code execution (RCE) vulnerability, CVE-2025-24813, is now actively exploited in the wild. Attackers need just one PUT API request to take over vulnerable Apache Tomcat servers. The exploit, originally published by a ...
Integrating Cyber Risk into Business Risk Decisions
Cybersecurity failures are now business risks that CEOs and Boards must own. The world of business owners, investors, and their representatives are collectively realizing the potentially ...
Could API Automation Be The Missing Piece In Your NHI Management? One critical question stands out: Could the underutilized potential of API automation be the missing piece in your Non-Human Identities (NHI) management strategy? With the ...
How Can Automated NHI Auditing Enhance Your Cybersecurity Strategy? Is your organization struggling with managing the ever-increasing volume of Non-Human Identities (NHIs) within your IT infrastructure? The NHI universe comprises machine ...
Why are Security Considerations Essential for Non-Human Identities Automation? The age of automation has dawned upon us. Automation carries the promise of immense business benefits, yet, it brings forth its own set of security challenges. For ...
AI Copilots and Agentic AI (those capable of independently taking actions to achieve specified goals) remain the talk of the...
The post 5 Ways to Prepare Your Data Estate for Copilot Adoption and Agentic AI appeared first on Symmetry ...
