Application Security News and Articles
Risk management and compliance solutions provider Vanta has raised more than $500 million since 2021.
The post GRC Firm Vanta Raises $150 Million at $4.15 Billion Valuation appeared first on SecurityWeek.
The annual CISO New York summit will be held on September 9, 2025, uniting over 150 senior cybersecurity executives for a full day of insight, strategy, and collaboration at Convene, 601 Lexington Avenue. This highly curated summit is tailored ...
Clorox is blaming Congnizat for the 2023 cyberattack, claiming that the IT provided handed over passwords to the hackers.
The post Clorox Sues Cognizant for $380 Million Over 2023 Hack appeared first on SecurityWeek.
Intel 471 launched Guided Threat Hunts, a new method-driven tool within the Hunt Management Module, part of our HUNTER solution. As threat hunting for advanced adversaries continues to be an increasingly complex, time-consuming and resource-heavy ...
Hackers have injected malware into popular NPM packages after compromising several developer accounts in a fresh phishing campaign.
The post High-Value NPM Developers Compromised in New Phishing Campaign appeared first on SecurityWeek.
Vibe coding is here. And it’s not just a fad — it’s reshaping how we build, deploy and even conceive of software. But unless we hit the brakes and bake in security now, we’re setting ourselves up for another generation of vulnerabilities, ...
SonicWall advises organizations to patch SMA 100 appliances and look for IoCs associated with Overstep malware attacks.
The post SonicWall Patches Critical SMA 100 Vulnerability, Warns of Recent Malware Attack appeared first on SecurityWeek.
Sonicwall is asking customers running specific Secure Mobile Access (SMA) 100 Series devices to patch a newly uncovered vulnerability (CVE-2025-40599) as soon as possible. “While there is currently no evidence that this vulnerability is ...
President Donald Trump has unveiled a sweeping new plan for America’s “global dominance” in artificial intelligence.
The post From Tech Podcasts to Policy: Trump’s New AI Plan Leans Heavily on Silicon Valley Industry Ideas appeared ...
More information has emerged on the ToolShell SharePoint zero-day attacks, including impact, victims, and threat actors.
The post ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named appeared first on SecurityWeek.
Autoswagger is a free, open-source tool that scans OpenAPI-documented APIs for broken authorization vulnerabilities. These flaws are still common, even at large enterprises with mature security teams, and are especially dangerous because they can ...
In this Help Net Security interview, Aleksandar Stančin, Board Member Adriatics, Exclusive Networks, discusses the state of cybersecurity in the Adriatic region. He talks about how local markets often lag behind EU regulations, despite facing ...
Application-layer attacks have become one of the most common and consequential methods adversaries use to gain access and compromise organizations, according to Contrast Security. These attacks target the custom code, APIs, and logic that power ...
The Identity Theft Resource Center (ITRC) reports 1,732 publicly disclosed data breaches in H1 2025, marking a 5% increase over the same period in 2024. The ITRC could track a record number of compromises in 2025 if the current data breach trend ...
Amazzon Beee Buzzzz: It records everything you say (and what people around you say, too).
The post Amazon AI Privacy Panic — Bee Brings Bezos Panopticon appeared first on Security Boulevard.
A new ransomware variant dubbed "Crux" was detected by Huntress researchers in three attacks this month, with the group favoring RDP for initial access and legitimate processes to make it more difficult to detect it. The group also claims to be ...
With the latest Windows 11 update, Microsoft is saying goodbye to the infamous “Blue Screen of Death” and has enabled the quick machine recovery feature by default for Home users. “For nearly four decades, the blue screen shown ...
The suspected administrator of xss.is, one of the world’s most influential Russian-speaking cybercrime forums, was arrested in Kyiv, Ukraine, on 22 July. The takedown followed a long-running investigation led by the French Police and Paris ...
Bitdefender expanded support for Facebook and Instagram for Bitdefender Security for Creators, a dedicated cybersecurity solution for digital content creators, social media influencers, and online creatives. With this expansion, the service ...
AI voice clones can impersonate people in a way that Altman said is increasingly “indistinguishable from reality” and will require new methods for verification.
The post OpenAI’s Sam Altman Warns of AI Voice Fraud Crisis in Banking appeared ...
