Application Security News and Articles


Trusted Cloud Edge in Practice: Transforming Critical Industries

Part 3: Stealth Networking in Action – Real-World Deployment Scenarios. Editor’s Note: In Part Two of this series, we explored why tunnel-free architectures are the foundation of the Trusted Cloud Edge. Now it’s time to move from theory to ...

Automatic Secrets Redaction at Runtime: Building a GitGuardian Lambda Extension

I'm going to show you how to build a Lambda Runtime API extension that automatically scans and redacts sensitive information from your function responses, without touching a single line of your existing function code. The post Automatic Secrets ...

Google Hack Redux: Should 2.5B Gmail Users PANIC Now?

Summer’s lease hath all too short a date: Let’s ask Ian Betteridge. The post Google Hack Redux: Should 2.5B Gmail Users PANIC Now? appeared first on Security Boulevard.

Zscaler, Palo Alto Networks, SpyCloud among the affected by Salesloft breach

In the wake of last week’s revelation of a breach at Salesloft by a group tracked by Google as UNC6395, several companies – including Zscaler, Palo Alto Networks, PagerDuty, Tanium, and SpyCloud – have confirmed their Salesforce ...

Cloudflare Blocks Record-Breaking 11.5 Tbps DDoS Attack

Part of a wave of DDoS attacks that lasted for weeks, the assault was a UDP flood mainly originating from Google Cloud. The post Cloudflare Blocks Record-Breaking 11.5 Tbps DDoS Attack appeared first on SecurityWeek.

AI Governance and Risk in Securing Software Supply Chains

Artificial intelligence (AI) is rapidly transforming software development, accelerating innovation, streamlining processes, and opening the door to entirely new capabilities. The post AI Governance and Risk in Securing Software Supply Chains ...

BSidesSF 2025: Radical Results: A Security Org’s Version Of Radical Candor

Creator, Author and Presenter: Evan Johnson. Our deep appreciation to Security BSides - San Francisco and the Creators, Authors and Presenters for publishing their BSidesSF 2025 video content on YouTube. Originating from the conference’s ...

Varonis Acquires Email Security Firm SlashNext

The transaction is valued up to $150 million, including performance-based retention awards, a Varonis spokesperson told SecurityWeek. The post Varonis Acquires Email Security Firm SlashNext appeared first on SecurityWeek.

Prevent MCP bypass

The Model Context Protocol (MCP) emerged as the answer to agent chaos. It's the structured way agents talk to each other and to your systems. But MCP only works if agents actually use it. And right now, nothing stops external agents from going ...

Varonis acquires AI email security provider SlashNext

Varonis Systems acquired SlashNext, an AI-native email security provider. Their predictive AI sees through evasive tactics, removes threats from the inbox, and protects from multi-channel phishing attacks. Hackers are flooding users with social ...

Distraction is the New Zero-Day: The Human Risk We Keep Ignoring

A few days ago, my friend Javvad Malik—a sharp voice in our industry and someone I trust—shared something that made me stop and think. Javvad, KnowBe4’s security awareness advocate, summed up the state of things beautifully: “Cyber ...

IT Service Management & Cybersecurity

In a recent podcast interview with Cybercrime Magazine host Heather Engel, Cimcor President and CEO Robert E. Johnson, III discusses how organizations are starting to move away from treating IT operations and cybersecurity as two separate areas ...

SentinelOne Gains Adoption Momentum Despite Macro Economic Headwinds

SentinelOne nears $1B ARR as Purple AI adoption grows and revenue surges 22% YoY, outpacing cybersecurity market growth amid rising AI-driven threats. The post SentinelOne Gains Adoption Momentum Despite Macro Economic Headwinds appeared first on ...

Patch Management vs Vulnerability Management: What’s the Difference?

Many organizations struggle with security gaps even after investing in different tools and processes. One of the most common reasons for breaches is the presence of unresolved weaknesses in systems.... The post Patch Management vs Vulnerability ...

Top CVEs & Vulnerabilities of August 2025- Risks, Impacts & Fixes

August 2025 saw critical CVEs surface, including high-impact flaws in WinRAR and Microsoft SharePoint. This blog highlights the most urgent vulnerabilities, their potential business risks, and the patch actions security teams should prioritize to ...

Amazon Disrupts Russian Hacking Campaign Targeting Microsoft Users

The Midnight Blizzard cyberspies used compromised websites to trick users into authorizing devices they controlled. The post Amazon Disrupts Russian Hacking Campaign Targeting Microsoft Users appeared first on SecurityWeek.

WhatsApp Zero-Day Exploited in Attacks Targeting Apple Users

The vulnerability (CVE-2025-55177) was exploited along with an iOS/macOS zero-day in suspected spyware attacks. The post WhatsApp Zero-Day Exploited in Attacks Targeting Apple Users appeared first on SecurityWeek.

1965 Cryptanalysis Training Workbook Released by the NSA

In the early 1960s, National Security Agency cryptanalyst and cryptanalysis instructor Lambros D. Callimahos coined the term “Stethoscope” to describe a diagnostic computer program used to unravel the internal structure of pre-computer ...

The AI Vulnerability Crisis is Coming — Can Defenders Catch Up?

AI is becoming an autonomous exploit engine. Experts warn of an AI-driven vulnerability crisis — but resilience, alliances, and action can blunt the impact. The post The AI Vulnerability Crisis is Coming — Can Defenders Catch Up? appeared ...

NSFOCUS Recognized by Gartner® “Hype Cycle™ for APIs, 2025” for API Threat Protection

Recently, Gartner released “Hype Cycle for APIs, 2025”, and NSFOCUS was selected as a Representative Vendor in API Threat Protection in the Hype Cycle with its cloud-native API security solution. We believe this recognition reflects NSFOCUS’s ...