Application Security News and Articles


Satori provides visibility into data store risk levels

Satori announced its new capabilities, enabling security teams to be in control of all customer data across the development lifecycle in a simple, cost-effective, and holistic way. These capabilities automate the daunting tasks of discovering ...

Sandboxes Alone Won’t Stop the Malware Onslaught. Here’s What Will.

Rhode Island disclosed in December that a ransomware attack had resulted in a data breach of its RIBridges social services database, exposing personal data of about 650,000 residents that included Social Security numbers, dates of birth, and ...

Riot Raises $30 Million for Employee Cybersecurity Solution

Riot has raised $30 million in Series B funding for a platform that helps employees improve their cybersecurity posture. The post Riot Raises $30 Million for Employee Cybersecurity Solution appeared first on SecurityWeek.

Abandoned Amazon S3 Buckets Enabled Attacks Against Governments, Big Firms

150 abandoned Amazon S3 buckets could have been leveraged to deliver malware or backdoors to governments and Fortune companies. The post Abandoned Amazon S3 Buckets Enabled Attacks Against Governments, Big Firms appeared first on SecurityWeek.

Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine

Russian threat groups have been observed exploiting a zero-day vulnerability in 7-Zip against Ukrainian entities. The post Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine appeared first on SecurityWeek.

CyRC Advisory: Eight vulnerabilities discovered in LogicalDOC

Explore our analysis into the eight vulnerabilities discovered in LogicalDOC DMS. Vulnerabilities include SQL injection, remote code execution, and XSS. The post CyRC Advisory: Eight vulnerabilities discovered in LogicalDOC appeared first on ...

The Path of Least Resistance to Privileged Access Management

PAM aims to provide a privileged identity-centric approach to controlling access as part of the bigger identity ecosystem. The post The Path of Least Resistance to Privileged Access Management appeared first on Security Boulevard.

Chrome 133, Firefox 135 Patch High-Severity Vulnerabilities

Chrome 133 and Firefox 135 were released with patches for multiple high-severity memory safety vulnerabilities. The post Chrome 133, Firefox 135 Patch High-Severity Vulnerabilities appeared first on SecurityWeek.

Cybersecurity in IT Infrastructure: Protecting Digital Assets

As companies dive deeper into the digital age, beefing up cybersecurity is key — it's not just an IT thing; it's a must-have for everyone on board. The post Cybersecurity in IT Infrastructure: Protecting Digital Assets appeared first on ...

Crypto-stealing iOS, Android malware found on App Store, Google Play

A number of iOS and Android apps on Apple’s and Google’s official app stores contain a software development kit (SDK) that allows them to exfiltrate cryptowallets’ seed recovery phrases, Kaspersky researchers have found. ...

CISA Issues Exploitation Warning for .NET Vulnerability

CISA has added CVE-2024-29059, a flaw affecting Microsoft .NET, to its Known Exploited Vulnerabilities catalog. The post CISA Issues Exploitation Warning for .NET Vulnerability appeared first on SecurityWeek.

Dynatrace strengthens cloud security posture management

Dynatrace announced the expansion of its security portfolio with a new Cloud Security Posture Management (CSPM) solution. For enterprises managing complex hybrid and multi-cloud environments, Dynatrace CSPM can significantly enhance security, ...

Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days

Multiple Zyxel legacy DSL CPE products are affected by exploited zero-day vulnerabilities that will not be patched. The post Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days appeared first on SecurityWeek.

Tenable Acquires Vulcan Cyber, Building on AI-Powered Risk Prioritization

Cybersecurity risk management company Tenable announced plans to acquire Vulcan Cyber for approximately $147 million in cash and $3 million in restricted stock units. The post Tenable Acquires Vulcan Cyber, Building on AI-Powered Risk ...

Veriti Cloud automates remediation across both on-premises and cloud environments

Veriti launched Veriti Cloud, an expansion of its Exposure Assessment and Remediation platform that brings proactive cloud native remediation to the forefront. With Veriti Cloud, organizations gain advanced capabilities to automate remediation ...

Atrinet URL Scanner helps combat SMS phishing

Atrinet launched Atrinet URL Scanner, a solution designed to combat real-time SMS fraud. The solution combines Google Web Risk’s technology scanning capabilities with Atrinet’s telecom security expertise, enabling Communication ...

OpenNHP: Cryptography-driven zero trust protocol

OpenNHP is the open-source implementation of NHP (Network-resource Hiding Protocol), a cryptography-based zero trust protocol for safeguarding servers and data. OpenNHP offers the following benefits: Reduces attack surface by hiding ...

The API security crisis and why businesses are at risk

In this Help Net Security video, Ivan Novikov, CEO of Wallarm, discusses the 2025 API ThreatStats Report, highlighting how APIs have become the primary attack surface over the past year, mainly driven by the rise of AI-related risks. Researchers ...

More destructive cyberattacks target financial institutions

Financial institutions will continue to be the ultimate targets for criminals and threat actors, as a successful attack offers a significant payoff, according to Contrast Security. Contrast Security has surveyed 35 of the world’s leading ...

How Imperva Infused AI Throughout Research and Development

The Age of AI Is Upon Us: The current pace of technological change beggars belief. Generative Artificial Intelligence (GenAI), released to the world a mere two years ago, promises to eliminate much of the tedium of the digital world. Software ...