Application Security News and Articles


Salesloft Drift data breach: Investigation reveals how attackers got in

The attack that resulted in the Salesloft Drift data breach started with the compromise of the company’s GitHub account, Salesloft confirmed this weekend. Supply chain compromise: On August 26, the company publicly revealed that earlier that ...

AI in Government

Just a few months after Elon Musk’s retreat from his unofficial role leading the Department of Government Efficiency (DOGE), we have a clearer picture of his vision of government powered by artificial intelligence, and it has a lot more to do ...

Over 6,700 Private Repositories Made Public in Nx Supply Chain Attack

The private repositories of hundreds of organizations were published publicly in the second phase of the Nx supply chain attack. The post Over 6,700 Private Repositories Made Public in Nx Supply Chain Attack appeared first on SecurityWeek.

The Cyberthreats No One Talks About but Everyone Faces

Beyond ransomware and phishing, hidden cyberthreats are rising — from AI-driven deepfakes and scams to shadow IT, and supply chain attacks. The post The Cyberthreats No One Talks About but Everyone Faces appeared first on Security Boulevard.

Reports Hub Shapes Cyber Risk Insights for Leaders | Kovrr

Articles related to cyber risk quantification, cyber risk management, and cyber resilience. The post Reports Hub Shapes Cyber Risk Insights for Leaders | Kovrr appeared first on Security Boulevard.

Fintech Firm Wealthsimple Says Supply Chain Attack Resulted in Data Breach

Canadian firm Wealthsimple says a data breach impacts the information of some customers, but accounts and funds remain secure. The post Fintech Firm Wealthsimple Says Supply Chain Attack Resulted in Data Breach appeared first on SecurityWeek.

Cybersecurity M&A Roundup: 27 Deals Announced in August 2025

Significant cybersecurity M&A deals announced by Accenture, CrowdStrike, F5, Okta, and SentinelOne. The post Cybersecurity M&A Roundup: 27 Deals Announced in August 2025 appeared first on SecurityWeek.

Linux Kernel Runtime Guard hits 1.0.0 with major updates and broader support

The Linux Kernel Runtime Guard (LKRG) is a kernel module that checks the Linux kernel while it’s running. It looks for signs of tampering and tries to catch attempts to exploit security flaws in the kernel. Because it’s a module and not a ...

Cybersecurity research is getting new ethics rules, here’s what you need to know

Top cybersecurity conferences are introducing new rules that require researchers to formally address ethics in their work. Starting with the 2026 USENIX Security Symposium, all submissions must include a stakeholder-based ethics analysis. Other ...

InterceptSuite: Open-source network traffic interception tool

InterceptSuite is an open-source, cross-platform network traffic interception tool designed for TLS/SSL inspection, analysis, and manipulation at the network level. “InterceptSuite is designed primarily for non-HTTP protocols, although it ...

Cyber defense cannot be democratized

The democratization of AI has fundamentally lowered the barrier for threat actors, creating a bigger pool of people who can carry out sophisticated attacks. The so-called democratization of security, on the other hand, has resulted in chaos. The ...

Identity management was hard, AI made it harder

Identity security is becoming a core part of cybersecurity operations, but many organizations are falling behind. A new report from SailPoint shows that as AI-driven identities and machine accounts grow, most security teams are not prepared to ...

AI moves fast, but data security must move faster

Generative AI is showing up everywhere in the enterprise, from customer service chatbots to marketing campaigns. It promises speed and innovation, but it also brings new and unfamiliar security risks. As companies rush to adopt these tools, many ...

Salesforce Under Fire: The Salesloft Drift Supply-Chain Breach

In this episode, we discuss a recent significant cyber attack where Palo Alto Networks experienced a data breach through their Salesforce environment due to a compromised Salesloft Drift integration. Throughout the discussion, we highlight why ...

Keep Your Data Safe with Proper Secrets Management

Is Your Organization Managing its Non-Human Identities Effectively? Effective secrets and Non-Human Identities (NHIs) management is critical. These entities form the foundation of your organization’s security infrastructure, playing a crucial ...

Proactively Manage NHIs to Avoid Data Breaches

Why Is Proactive NHI Management Crucial? Is your organization ready to face the ruthlessness of cyber threats? While businesses continue to adopt cloud computing, it is becoming vital to manage and secure Non-Human Identities (NHIs) to avoid data ...

BSidesSF 2025: Everyday AI: Leveraging LLMs For Simple, Effective Security Automation

Creator, Author and Presenter: Matthew Sullivan, Dominic Zanardi. Our deep appreciation to Security BSides - San Francisco and the Creators, Authors and Presenters for publishing their BSidesSF 2025 video content on YouTube. Originating from the ...

No Retirement? No Problem: Rethinking Workforce Planning

For decades, governments nationwide have predicted a coming tidal wave of retirements will cripple critical government services. But recent surveys say otherwise. The post No Retirement? No Problem: Rethinking Workforce Planning appeared first on ...

AI & Code: Trust It? Or Treat It Like a Leaky Faucet?

Ever feel like you’re handing your secrets to a robot you just met? That’s how it feels putting private code into AI tools. Are you really…

Week in review: Several companies affected by the Salesloft Drift breach, Sitecore 0-day vulnerability

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos. Zscaler, Palo Alto Networks, SpyCloud among the affected by Salesloft Drift breach: In the wake of last week’s revelation of a breach at ...