Application Security News and Articles
Session 6A: LLM Privacy and Usable Privacy
Authors, Creators & Presenters: Guanlong Wu (Southern University of Science and Technology), Zheng Zhang (ByteDance Inc.), Yao Zhang (ByteDance Inc.), Weili Wang (Southern University of Science and ...
“Start by doing what’s necessary; then do what’s possible; and suddenly you are doing the impossible.” – St. Francis of Assisi In the 12th century, St. Francis wasn’t talking about digital systems, but his advice remains startlingly ...
A data breach of credit reporting and ID verification services firm 700Credit affected 5.6 million people, allowing hackers to steal personal information of customers of the firm's client companies. 700Credit executives said the breach happened ...
via the comic artistry and dry wit of Randall Munroe, creator of XKCD
Permalink
The post Randall Munroe’s XKCD ‘Service Outage’ appeared first on Security Boulevard.
Identity verification is quickly becoming a cornerstone of workforce security. What started as a targeted solution for stopping fake applicants or verifying new hires has expanded into something much larger: organizations now recognize that ...
AI can be used by extremist groups to pump out propaganda or deepfakes at scale, widening their reach and expanding their influence.
The post Militant Groups Are Experimenting With AI, and the Risks Are Expected to Grow appeared first on ...
ServiceNow Inc. is in advanced talks to acquire cybersecurity startup Armis in a deal that could reach $7 billion, its largest ever, according to reports. Bloomberg News first reported the discussions over the weekend, noting that an announcement ...
Session 6A: LLM Privacy and Usable Privacy
Authors, Creators & Presenters: Xiaoyuan Wu (Carnegie Mellon University), Lydia Hu (Carnegie Mellon University), Eric Zeng (Carnegie Mellon University), Hana Habib (Carnegie Mellon University), Lujo ...
The internet stayed busy, brittle, and under constant pressure in 2025. Cloudflare’s annual Radar Year in Review offers a wide view of how traffic moved, where attacks clustered, and what failed when systems were stressed. Cloudflare, which ...
Astra Security announced the launch of its Cloud Vulnerability Scanner, a new solution designed to help organizations continuously maintain validated cloud security. Cloud infrastructures change constantly as teams create new IAM roles, adjust ...
Your employees are using AI whether you’ve sanctioned it or not. And even if you’ve carefully vetted and approved an enterprise-grade AI platform, you’re still at risk of attacks and data leakage.
Key takeaways:
Security teams face three ...
Google has also mentioned seeing React2Shell attacks conducted by Iranian threat actors.
The post Google Sees 5 Chinese Groups Exploiting React2Shell for Malware Delivery appeared first on SecurityWeek.
State, Local, Tribal, and Territorial (SLTT) governments operate the systems that keep American society functioning: 911 dispatch centers, water treatment plants, transportation networks, court systems, and public benefits portals. When these ...
Campus Technology & THE Journal Name Cloud Monitor as Winner in the Cybersecurity Risk Management Category BOULDER, Colo.—December 15, 2025—ManagedMethods, the leading provider of cybersecurity, safety, web filtering, and classroom ...
Cast your mind back to May of this year: Congress was in the throes of debate over the massive budget bill. Amidst the many seismic provisions, Senator Ted Cruz dropped a ticking time bomb of tech policy: a ten-year moratorium on the ability of ...
Learn what Business Email Compromise (BEC) is, how to spot common scams, respond to attacks, and use SPF, DKIM, and DMARC to prevent future fraud.
The post BEC: Explaining Business Email Compromise appeared first on Security Boulevard.
The sovereign smartphone OS runs along Android or iOS, allowing users to switch between secure, isolated environments.
The post Soverli Raises $2.6 Million for Secure Smartphone OS appeared first on SecurityWeek.
Atlassian has released software updates for Bamboo, Bitbucket, Confluence, Crowd, Fisheye/Crucible, and Jira.
The post Atlassian Patches Critical Apache Tika Flaw appeared first on SecurityWeek.
Apple has issued security updates with fixes for two WebKit vulnerabilities (CVE-2025-14174, CVE-2025-43529) that have been exploited as zero-days. Several days before the release of these updates, Google fixed CVE-2025-14174 in the desktop ...
This is the third installment in our four-part 2025 Year-End Roundtable. In Part One, we explored how accountability got personal. In Part Two, we examined how regulatory mandates clashed with operational complexity.
Part three of a four-part ...
