Application Security News and Articles
Authors/Presenters: Panel
Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the ...
Explore the top 15 cloud compliance tools in 2025 that you can leverage to protect your organization and customer data.
The post Top 15 Cloud Compliance Tools in 2025 appeared first on Scytale.
Cycode unveiled Change Impact Analysis (CIA) technology, a key addition to its Complete ASPM platform. This solution empowers organizations to proactively assess the security impact of every code change, enabling them to identify, prioritize, and ...
Ontinue announced the expansion of its managed services to include IoT/OT environments. Ontinue ION for IoT Security is an add-on service to the Ontinue ION MXDR service that extends continuous protection to customers’ IoT and OT ...
AMD has released patches for a microprocessor vulnerability that could allow an attacker to load malicious microcode.
The post AMD Patches CPU Vulnerability Found by Google appeared first on SecurityWeek.
CVE-2025-0411, a Mark-of-the-Web bypass vulnerability in the open-source archiver tool 7-Zip that was fixed in November 2024, has been exploited in zero-day attacks to deliver malware to Ukrainian entities, Trend Micro researchers have revealed. ...
Austin, TX, USA, 4th February 2025, CyberNewsWire
The post SpyCloud Pioneers the Shift to Holistic Identity Threat Protection appeared first on Security Boulevard.
In an era marked by high-profile cyber breaches, ransomware attacks, and violence committed against high-profile enterprise employees, the imperative for focused cybersecurity training for executives has escalated dramatically. For CISOs and ...
Malicious employees and insider threats pose one of the biggest security risks to organizations, as these users have more access and permissions than cybercriminals attacking the organization externally.
The post How to Root Out Malicious ...
Food delivery firm GrubHub has disclosed a data breach impacting the personal information of drivers and customers.
The post Personal Information Compromised in GrubHub Data Breach appeared first on SecurityWeek.
Nymi launched a next-generation wearable authenticator, the Nymi Band 4, which introduces design upgrades and expanded passwordless use cases for regulated industries, while retaining its core authentication functionality. This latest development ...
There has never been a single job description for the CISO – the role depends upon each company, its maturity, its size and resources, and the risk tolerance of boards.
The post Cyber Insights 2025: The CISO Outlook appeared first on SecurityWeek.
Python developers looking to integrate DeepSeek into their projects were targeted with malicious packages delivered through PyPI.
The post Developers Targeted With Malware Disguised as DeepSeek Package appeared first on SecurityWeek.
The Contec CMS8000 patient monitors do not contain a malicious backdoor but are plagued by an insecure and vulnerable design.
The post Contec Patient Monitors Not Malicious, but Still Pose Big Risk to Healthcare appeared first on SecurityWeek.
Japanese electronics maker Casio has had its UK website injected with a web skimmer that collected buyers’ personal and payment card information, Jscrambler has discovered. The company says that the same skimmer has been added to at least ...
Decentralized identity (DCI) is emerging as a solution to the significant challenges in verifying identities, managing credentials and ensuring data privacy.
The post Decentralized Identity: Revolutionizing Identity Verification in The Digital ...
The February 2025 Android patches resolve 46 vulnerabilities, including a Linux kernel bug that has been exploited in the wild.
The post Vulnerability Patched in Android Possibly Exploited by Forensic Tools appeared first on SecurityWeek.
A Canadian man has been indicted in federal court in New York for exploiting vulnerabilities in two decentralized finance (DeFi) protocols to fraudulently obtain about $65 million from the protocols’ investors. The fraudulent scheme According ...
DeepSeek’s susceptibility to jailbreaks has been compared by Cisco to other popular AI models, including from Meta, OpenAI and Google.
The post DeepSeek Compared to ChatGPT, Gemini in AI Jailbreak Test appeared first on SecurityWeek.
As the Super Bowl approaches, betting websites are experiencing a surge in traffic, attracting not just enthusiastic bettors but also malicious actors looking to exploit security gaps.
The post Super Bowl Betting Under Attack: Weak Security Puts ...