Application Security News and Articles


Australian Man Sentenced to Prison for Wi-Fi Attacks at Airports and on Flights

Michael Clapsis has been sentenced to 7 years and 4 months in prison for stealing sensitive information. The post Australian Man Sentenced to Prison for Wi-Fi Attacks at Airports and on Flights appeared first on SecurityWeek.

Kevin Lancaster Joins the usecure Board to Accelerate North American Channel Growth

Claymont, Delaware, 1st December 2025, CyberNewsWire The post Kevin Lancaster Joins the usecure Board to Accelerate North American Channel Growth appeared first on Security Boulevard.

Treating MCP like an API creates security blind spots

In this Help Net Security interview, Michael Yaroshefsky, CEO at MCP Manager, discusses how Model Context Protocol’s (MCP) trust model creates security gaps that many teams overlook and why MCP must not be treated like a standard API. He ...

Offensive cyber power is spreading fast and changing global security

Offensive cyber activity has moved far beyond a handful of major powers. More governments now rely on digital operations to project influence during geopolitical tension, which raises new risks for organizations caught in the middle. A new policy ...

Enterprise password audits made practical for busy security teams

Security teams carry a heavy load, and password risk is one of the most overlooked parts of that workload. Every year new systems, cloud tools, and shared services add more credentials into the mix. Some sit in proper vaults, others drift into ...

What zero trust looks like when you build it step by step

In this Help Net Security video, Jonathan Edwards, Managing Director at KeyData Cyber, walks us through what practical zero trust adoption looks like in stages. He explains why he dislikes the term itself, then shifts to steps teams can follow ...

The weekend is prime time for ransomware

Over half of organizations that experienced a ransomware event in the past year were hit during a weekend or holiday, according to a Semperis report. Those periods often come with thin staffing, slower investigation, and fewer eyes on identity ...

Granular Access Control Policies for Post-Quantum AI Environments

Learn how to implement granular access control policies in post-quantum AI environments to protect against advanced threats. Discover strategies for securing Model Context Protocol deployments with quantum-resistant encryption and context-aware ...

Kubernetes üzerinde SONARQUBE kurulumu

Sonarqube biliyorsunuz SDLC (software development life cycle) süreçlerinin vazgeçilmezi artık. Ne zaman dahil ederseniz edin kodlarınızda…Continue reading on Medium »

Week in review: Fake “Windows Update” fuels malware, Salesforce details Gainsight breach

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Quantum encryption is pushing satellite hardware to its limits In this Help Net Security interview, Colonel Ludovic Monnerat, Commander Space ...

Qodana Isn’t a Tool — It’s an Investment in Code Quality, Stability, and Your Team!

Over the past few months, I’ve been testing Qodana in my day-to-day work as a full-stack developer — and it completely changed how I think…Continue reading on Medium »

Cybersecurity Coalition to Government: Shutdown is Over, Get to Work

The Cybersecurity Coalition, an industry group of almost a dozen vendors, is urging the Trump Administration and Congress now that the government shutdown is over to take a number of steps to strengthen the country's cybersecurity posture as ...

French Soccer Federation Hit by Cyberattack, Member Data Stolen

According to the federation, the unauthorized access was carried out using a compromised account. The post French Soccer Federation Hit by Cyberattack, Member Data Stolen appeared first on SecurityWeek.

In Other News: HashJack AI Browser Attack, Charming Kitten Leak, Hacker Unmasked

Other noteworthy stories that might have slipped under the radar: Scattered Spider members plead not guilty, TP-Link sues Netgear, Comcast agrees to $1.5 million fine. The post In Other News: HashJack AI Browser Attack, Charming Kitten Leak, ...

Social data puts user passwords at risk in unexpected ways

Many CISOs already assume that social media creates new openings for password guessing, but new research helps show what that risk looks like in practice. The findings reveal how much information can be reconstructed from public profiles and how ...

New observational auditing framework takes aim at machine learning privacy leaks

Machine learning (ML) privacy concerns continue to surface, as audits show that models can reveal parts of the labels (the user’s choice, expressed preference, or the result of an action) used during training. A new research paper explores a ...

Why password management defines PCI DSS success

Most CISOs spend their days dealing with noisy dashboards and vendor pitches that all promise a shortcut to compliance. It can be overwhelming to sort out what matters. When you dig into real incidents involving payment data, a surprising ...

Fragmented tooling slows vulnerability management

Security leaders know vulnerability backlogs are rising, but new data shows how quickly the gap between exposures and available resources is widening, according to a new report by Hackuity. Fragmented detection and slow remediation Organizations ...

Infosec products of the month: November 2025

Here’s a look at the most interesting products from the past month, featuring releases from: 1touch.io, Action1, Barracuda Networks, Bedrock Data, Bitdefender, Cyware, Firewalla, Forescout, Immersive, Kentik, Komodor, Minimus, Nokod Security, ...

Post-Quantum Key Exchange for MCP Authentication

Explore post-quantum key exchange methods for securing Model Context Protocol (MCP) authentication. Learn about PQuAKE, implementation strategies, and future-proofing AI infrastructure against quantum threats. The post Post-Quantum Key Exchange ...