Application Security News and Articles
Workday appears to have joined the list of major companies that had their Salesforce instances targeted by hackers.
The post Workday Data Breach Bears Signs of Widespread Salesforce Hack appeared first on SecurityWeek.
U.S. authorities seized $2.8 million crypto and $70,000 from Ianis Aleksandrovich Antropenko, who they say used the Zeppelin ransomware to attack companies in the United States and elsewhere and then laundered the cryptocurrency used to pay the ...
The US has indicted Zeppelin ransomware operator Ianis Antropenko, seizing over $2.8 million in cryptocurrency from his wallet.
The post US Seizes $2.8 Million From Zeppelin Ransomware Operator appeared first on SecurityWeek.
Winners of DARPA’s AI Cyber Challenge proved AI can automate patching at scale. Their tools will go open source, offering defenders new power—but also raising concerns about AI-fueled exploits.
The post DARPA AI Cyber Challenge Winners ...
Chinese APT UAT-7237 has been targeting Taiwanese web infrastructure for long-term access to high-value entities.
The post Web Hosting Firms in Taiwan Attacked by Chinese APT for Access to High-Value Targets appeared first on SecurityWeek.
Secure Software Development – Why It Matters to Every UK SMB (Even If You Don’t Write Code) When most small and medium-sized businesses (SMBs) hear “secure development,” they think: “That doesn’t apply to us, we don’t build apps or ...
Pay-for-access dinners. Equity asks. Quiet kickbacks. The CISO payola problem is real — and it’s threatening the integrity of cybersecurity leadership.
The post Do We Have a CISO Payola Problem? appeared first on Security Boulevard.
AI is moving from proof-of-concept into everyday security operations. In many SOCs, it is now used to cut down alert noise, guide analysts during investigations, and speed up incident response. What was once seen as experimental technology is ...
Buttercup is a free, automated, AI-powered platform that finds and fixes vulnerabilities in open-source software. Developed by Trail of Bits, it recently earned second place in DARPA’s AI Cyber Challenge (AIxCC). Main components Buttercup is ...
Data Engineering for Cybersecurity sets out to bridge a gap many security teams encounter: knowing what to do with the flood of logs, events, and telemetry they collect. About the author James Bonifield has a decade of experience analyzing ...
Prevention effectiveness is falling, detection gaps remain wide, and attackers are exploiting weaknesses in data protection and credentials. Data theft prevention has dropped to 3 percent, password cracking success rates have nearly doubled, and ...
While most organizations understand the need for strong AI model governance, many are still struggling to close gaps that could slow adoption and increase risk. The findings of a new Anaconda survey of more than 300 AI practitioners and ...
In this episode we’re discussing the alarming breach of the Tea app, a platform intended for women to share dating experiences. The hack resulted in the exposure of over 13,000 government ID photos, 72,000 user images, and over a million ...
Are Your Machine Identities Secure in the Cloud? More and more organizations are shifting their operations to the cloud. While this move optimizes business processes and enhances productivity, it also presents new challenges. One of the top ...
Can Non-Human Identity and Data Rights Solutions Revolutionize Your Cybersecurity Protocol? Non-Human Identities (NHIs) are proving to be fundamental. When data breaches escalate both in frequency and impact, a renewed focus has shifted towards ...
Is Your Travel Organization Safeguarding Its Precious Data? With cybersecurity increasingly becomes a topic of concern in every industry, the travel sector isn’t exempted. The pressing question is, “Are your travel data secrets truly ...
Creator, Author and Presenter: Jack Cable
Our deep appreciation to Security BSides - San Francisco and the Creators, Authors and Presenters for publishing their BSidesSF 2025 video content on YouTube. Originating from the conference’s events ...
Testing how GPT-5, Gemini Pro 2.5, and Sonnet 4 handle basic security flawsContinue reading on Medium »
The National Science Foundation announced a new partnership with NVIDIA this past week that will enable advances in scientific discovery through artificial intelligence.
The post NSF and NVIDIA Partner to Enable Fully Open AI Models appeared ...
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: WinRAR zero-day was exploited by two threat actors (CVE-2025-8088) The RomCom attackers aren’t the only ones that have been leveraging the ...
