Application Security News and Articles
The CitrixBleed 2 vulnerability in NetScaler may expose organizations to compromise even if patches have been applied.
The post CitrixBleed 2: 100 Organizations Hacked, Thousands of Instances Still Vulnerable appeared first on SecurityWeek.
Google has filed a lawsuit against the Badbox 2.0 botnet operators, after identifying over 10 million infected Android devices.
The post Google Sues Operators of 10-Million-Device Badbox 2.0 Botnet appeared first on SecurityWeek.
Wiz researchers discovered NVIDIAScape, an Nvidia Container Toolkit flaw that can be exploited for full control of the host machine.
The post Critical Nvidia Toolkit Flaw Exposes AI Cloud Services to Hacking appeared first on SecurityWeek.
Anne Arundel Dermatology said hackers had access to its systems for three months and may have stolen personal and health information.
The post Anne Arundel Dermatology Data Breach Impacts 1.9 Million People appeared first on SecurityWeek.
A settlement has been reached in the class action brought by investors against Meta over the Cambridge Analytica incident, but details have not been shared.
The post Settlement Reached in Investors’ Lawsuit Against Meta CEO Mark Zuckerberg and ...
Strata Identity introduced a new product, Identity Orchestration for AI Agents. Built on Strata’s Maverics vendor-agnostic identity fabric and hybrid air-gap architecture, it provides identity guardrails and observability for AI agents without ...
In April, the cybersecurity community held its breath as the Common Vulnerabilities and Exposures (CVE) program was plunged into a moment of existential crisis. In the end, an eleventh-hour reprieve saved the day. While CVEs do not encompass the ...
In this Help Net Security interview, Galal Ibrahim Maghola, former Head of Cybersecurity at G42 Company, discusses strategic approaches to implementing DevSecOps at scale. Drawing on experience in regulated industries such as finance, telecom, ...
96% of organizations are deploying AI models, and virtually no organization can move into the future without considering how ML and intelligent apps might soon affect its operations, according to F5. Only 2% of global organizations are highly ...
Buy Now, Pay Later (BNPL) apps are everywhere these days. Whether you’re buying sneakers or groceries, chances are you’ve seen the option to split your payments over time. It’s quick and easy. But behind the convenience is a growing privacy ...
Here’s a look at the most interesting products from the past week, featuring releases from At-Bay, Immersive, NETSCOUT, Socure, and Stellar Cyber. Stellar Cyber 6.0.0 enhances automation, workflow intelligence, and user experience The 6.0.0 ...
Threat actors are using anti-box tools, AI, and cloaking-as-a-service tactics to bypass security tools by showing a phishing or other malicious site to targets and harmless ones to detection and blocking tools, techniques that SlashNext ...
1Password this week announced it has added a Model Context Protocol (MCP) server to the Trelica governance platform for software-as-a-service (SaaS) applications it acquired earlier this year. In addition, the MCP Server for Trelica by 1Password ...
Researchers discovered a security flaw in Google's Gemini AI chatbot that could put the 2 billion Gmail users in danger of being victims of an indirect prompt injection attack, which could lead to credentials being stolen or phishing attacks.
The ...
Cybersecurity startup Empirical Security has raised $12 million in seed funding for its vulnerability management platform.
The post Empirical Security Raises $12 Million for AI-Driven Vulnerability Management appeared first on SecurityWeek.
Palo Alto, California, 17th July 2025, CyberNewsWire
The post SquareX Collaborates with Top Fortune 500 CISOs to Launch The Browser Security Field Manual at Black Hat appeared first on Security Boulevard.
Karen Serobovich Vardanyan pleaded not guilty to charges related to his alleged role in the Ryuk ransomware operation.
The post Armenian Man Extradited to US Over Ryuk Ransomware Attacks appeared first on SecurityWeek.
At the upcoming Black Hat USA 2025 in Las Vegas, Stellar Cyber will debut its Identity Threat Detection & Response (ITDR) capabilities, fully embedded into its open, unified, AI-driven SecOps platform. See Identity Threat Detection & ...
Deployed on mobile devices confiscated by Chinese law enforcement, Massistant can collect user information, files, and location.
The post Mobile Forensics Tool Used by Chinese Law Enforcement Dissected appeared first on SecurityWeek.
Although there are many positives to new QC technology, we can’t ignore the fact that we’re entering an era of quantum computing that brings some serious cybersecurity threats.
The post Are We Truly Prepared for the Era of Quantum Computing? ...
