Application Security News and Articles
Zenity announced runtime protection for OpenAI’s AgentKit, providing enterprise-grade enforcement that detects and blocks data leakage, secret exposure and unsafe agent behavior in real time. This launch follows Zenity Labs’ recent research ...
Tidal Cyber is proud to announce the release of NARC AI (Natural Attack Reading and Comprehension), the first AI engine purpose-built to automatically extract adversary procedures and MITRE ATT&CK-aligned threat intelligence from unstructured ...
An attacker can inject indirect prompts to trick the model into harvesting user data and sending it to the attacker’s account.
The post Claude AI APIs Can Be Abused for Data Exfiltration appeared first on SecurityWeek.
This article was originally published in Hackernoon on 10/29/25 by Charlie Sander. AI is super-charging social engineering, and K-12 is still a precious target With an average of 2,739 edtech tools per district, staff and students rely heavily ...
Significant cybersecurity M&A deals announced by Jamf, LevelBlue, Ping Identity, Twilio, and Veeam Software.
The post Cybersecurity M&A Roundup: 45 Deals Announced in October 2025 appeared first on SecurityWeek.
For today’s enterprises, cybersecurity maturity is a key growth enabler. The organizations that thrive are those that treat cybersecurity not as a box to check, but as a business accelerator, an integrated part of strategic planning and ...
A spear-phishing campaign aimed to compromise Russian and Belarusian military personnel by using military-themed documents as a lure has been flagged by Cyble and Seqrite security researchers. The goal of the campaign is to get targets to ...
When Elephant Insurance was hacked and millions of driver’s license numbers were exposed, the Fourth Circuit confronted a crucial privacy law dilemma: Is data theft alone enough to sue, or must harm be public and provable? This case exposes how ...
Artificial Intelligence is reshaping the cybersecurity landscape—and with it, a new generation of attack vectors is emerging. From prompt injection to model poisoning and adversarial attacks, threat actors are exploiting vulnerabilities unique ...
PowerShell and .NET variants of the malware abuse AirWatch’s MDM API to establish a C&C communication channel.
The post Chinese APT Uses ‘Airstalk’ Malware in Supply Chain Attacks appeared first on SecurityWeek.
The two bugs are high-severity type confusion and inappropriate implementation issues in the browser’s V8 JavaScript engine.
The post Google Pays $100,000 in Rewards for Two Chrome Vulnerabilities appeared first on SecurityWeek.
Static credentials have been a weak point in cloud security for years. A new paper by researchers from SentinelOne takes direct aim at that issue with a practical model for authenticating workloads without long-lived secrets. Instead of relying ...
Heisenberg is an open-source tool that checks the health of a software supply chain. It analyzes dependencies using data from deps.dev, Software Bills of Materials (SBOMs), and external advisories to measure package health, detect risks, and ...
In this Help Net Security interview, Arun Singh, CISO at Tyro, discusses what it takes to secure real-time payments without slowing them down. He explains how analytics, authentication, and better industry cooperation can help stay ahead of ...
A practical roadmap for BO7 boosting and Black Ops 7 services across Xbox, PlayStation, Battle.net, Steam, and the cloud—ownership, cross-save, and security.
The post BO7 boosting: Cross-platform, Game Pass & cloud logistics appeared first ...
AI, SaaS, and personal devices are changing how people get work done, but the tools that protect company systems have not kept up, according to 1Password. Tools like SSO, MDM, and IAM no longer align with how employees and AI agents access data. ...
Caller ID spoofing has become one of Europe’s most persistent enablers of cyber fraud. A new position paper from Europol warns that manipulated phone identities now drive much of the continent’s financial and social engineering crime, making ...
In this episode, we explore OpenAI’s groundbreaking release GPT Atlas, the AI-powered browser that remembers your activities and acts on your behalf. Discover its features, implications for enterprise security, and the risks it poses to ...
Summary
In this episode of “The Defender’s Log,” host David Redekop interviews Alexander Rau, a cybersecurity partner at KPMG, about the evolving incident response (IR) landscape.
Rau notes that the past summer was exceptionally busy for ...
Discover lightweight, open-source identity management solutions perfect for securing your home lab. Compare Authelia, Authentik, and other tools to find the right fit.
The post Lightweight Open Source Identity Management Solutions for Home Labs ...
