Application Security News and Articles


750,000 Impacted by Data Breach at The Alcohol & Drug Testing Service

The Alcohol & Drug Testing Service (TADTS) says personal information was stolen in a July 2024 ransomware attack. The post 750,000 Impacted by Data Breach at The Alcohol & Drug Testing Service appeared first on SecurityWeek.

Cybersecurity Isn’t Just an IT Line Item — It’s a Business Imperative 

Cybersecurity officers need to remember that the reality is, most attacks don’t begin with a dramatic break-in… they start with a login.

Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers

Microsoft has started releasing updates to fix the exploited SharePoint zero-days tracked as CVE-2025-53770 and CVE-2025-53771.

The Expiring Trust Model: CISOs Must Rethink PKI in the Era of Short-Lived Certificates and Machine Identity 

The way we manage certificates must transform. For CISOs, this is not a future problem; the time to re-architect digital trust is now.

Exploited CrushFTP Zero-Day Provides Admin Access to Servers

Hackers are exploiting a zero-day vulnerability in CrushFTP to gain administrative privileges on vulnerable servers via HTTPS. The post Exploited CrushFTP Zero-Day Provides Admin Access to Servers appeared first on SecurityWeek.

Who’s Watching You? FBI IG Looks to Plug Holes in Ubiquitous Technical Surveillance 

Security gaps, coupled with savvy cybercriminals, lend urgency to mitigating the potential for exploitation posed by surveillance tech.

How to land your first job in cybersecurity

According to LinkedIn, job applications have surged over 45% in the past year, with 11,000 applications submitted every minute. This flood of applications is making it harder than ever for qualified candidates to stand out. The industry has ...

World Health Organization CISO on securing global health emergencies

In this Help Net Security interview, Flavio Aggio, CISO at the World Health Organization (WHO), explains how the organization prepares for and responds to cyber threats during global health emergencies. These crises often lead to an increase in ...

Calico: Open-source solution for Kubernetes networking, security, and observability

Calico is an open-source unified platform that brings together networking, security, and observability for Kubernetes, whether you’re running in the cloud, on-premises, or at the edge. The solution uses the lowest amount of processing ...

Cyber turbulence ahead as airlines strap in for a security crisis

Aircraft systems are getting more connected and ground operations increasingly integrated, and attackers are taking notice. They’re shifting from minor disruptions to targeting critical systems with serious intent. Any time an aircraft ...

Are your employees using Chinese GenAI tools at work?

Nearly one in 12 employees are using Chinese-developed generative AI tools at work, and they’re exposing sensitive data in the process. That’s according to new research from Harmonic Security, which analyzed the behavior of roughly 14,000 ...

Microsoft SharePoint servers under attack via zero-day vulnerability with no patch (CVE-2025-53770)

Attackers are exploiting a zero-day variant (CVE-2025-53770) of a SharePoint remote code execution vulnerability (CVE-2025-49706) that Microsoft patched earlier this month, the company confirmed on Saturday. CVE-2025-53770 is being leveraged ...

The Day GitHub Copilot Wrote a Vulnerability Into Our Codebase

I was reviewing a junior developer’s pull request when my stomach dropped. Continue reading on DevSecOps & AI »

SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available

Enterprises running SharePoint servers should not wait for a fix for CVE-2025-53770 and should commence threat hunting to search for compromise immediately.

Week in review: Google fixes zero-day vulnerability in Chrome, critical SQL injection flaw in FortiWeb

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Update Google Chrome to fix actively exploited zero-day (CVE-2025-6558) For the fifth time this year, Google has patched a Chrome zero-day ...

Score Your Share of AirSwap's Bonus Rollout and Enjoy lucrative rewards

Step-by-step directions to collect sAST through this bonus rollout. Continue reading on Medium »

Unlock the Secrets of $sAST and Start Growing Your Crypto Portfolio

Discover how to unlock $sAST and grow your crypto portfolio with free tokens. Continue reading on Medium »

Google Sues the Operators Behind the BadBox 2.0 Botnet

Google is suing the operators behind BadBox 2.0, accusing multiple Chinese threat groups of playing different roles in the operation of the massive botnet that rolled up more than 10 million devices to run large-scale ad fraud and other malicious ...

Ukraine Pwns Russian Drone Maker — Gaskar is ‘Paralyzed’

All Your UAVs Are Belong to UKR: Ukrainian Cyber Alliance and Black Owl team up to hack manufacturer of Russian military drones, sources say. The post Ukraine Pwns Russian Drone Maker — Gaskar is ‘Paralyzed’ appeared first on Security ...