Application Security News and Articles
Reuven “Rubi” Aronashvili, CEO of CYE, asks a blunt question: Why are breaches still rampant when security budgets have never been larger? Drawing on his journey from leading an Israeli red‑team unit to advising Fortune‑500 boards, ...
Unknown intruders are targeting fully patched end-of-life SonicWall Secure Mobile Access (SMA) 100 series appliances and deploying a novel, persistent backdoor / rootkit, analysts with Google’s Threat Intelligence Group (GTIG) have warned. ...
BCH vs. SDR, AAR vs. CISA: Railroad industry first warned about this nasty vulnerability in 2005.
The post ‘FRED’ Security FAIL — Ignored by US Rail for 20 YEARS appeared first on Security Boulevard.
Cyberattack disrupted UNFI’s operations in June; company estimates $50–$60 million net income hit but anticipates insurance will cover most losses.
The post United Natural Foods Projects Up to $400M Sales Hit from June Cyberattack appeared ...
Keeper Security is making its secrets management platform more accessible to artificial intelligence (AI) agents by adding support for the Model Context Protocol (MCP).
The post Keeper Security Adds Support for MCP to Secrets Management Platform ...
A threat actor that may be financially motivated is targeting SonicWall devices with a backdoor and user-mode rootkit.
The post SonicWall SMA Appliances Targeted With New ‘Overstep’ Malware appeared first on SecurityWeek.
For the fifth time this year, Google has patched a Chrome zero-day vulnerability (CVE-2025-6558) exploited by attackers in the wild. About CVE-2025-6558 CVE-2025-6558 is a high-severity vulnerability that stems from incorrect validation of ...
Compumedics has been targeted by the VanHelsing ransomware group, which stole files from the company’s systems.
The post Compumedics Ransomware Attack Led to Data Breach Impacting 318,000 appeared first on SecurityWeek.
Immersive announced its Immersive One AI-powered Lab Builder feature to give customers and partners new ways to improve cyber skills across teams through customized labs and learning experiences. With this new tool supporting Immersive’s Prove, ...
In a major blow to pro-Russian cybercrime, authorities across Europe and the United States launched a sweeping international crackdown on the hacking group NoName057(16) between 14 and 17 July. The coordinated operation, codenamed Eastwood and ...
iCOUNTER, which helps organizations defend against targeted attacks, has launched under the helm of former Mandiant president and COO John Watters.
The post Cyber Intelligence Firm iCOUNTER Emerges From Stealth With $30 Million in Funding ...
Google refused to share any details on how its Big Sleep AI foiled efforts to exploit a SQLite vulnerability in the wild.
The post Google Says AI Agent Thwarted Exploitation of Critical Vulnerability appeared first on SecurityWeek.
Chinese hacking group Salt Typhoon targeted a National Guard unit’s network and tapped into communications with other units.
The post China’s Salt Typhoon Hacked US National Guard appeared first on SecurityWeek.
Cameron John Wagenius pleaded guilty to charges related to hacking into US telecommunications companies.
The post Former US Soldier Who Hacked AT&T and Verizon Pleads Guilty appeared first on SecurityWeek.
Italian company Exein has raised €70 million (~$81 million) in a Series C funding round led by Balderton.
The post IoT Security Firm Exein Raises $81 Million appeared first on SecurityWeek.
Google has released a Chrome 138 security update that patches a zero-day, the fifth resolved in the browser this year.
The post Chrome Update Patches Fifth Zero-Day of 2025 appeared first on SecurityWeek.
Can a person be convicted of a federal conspiracy solely by posting misleading political memes online, without ever having communicated or knowingly coordinated with their alleged co-conspirators?
The post Meme Crimes – Can You Conspire By ...
Enzoic for Active Directory is an easy-to-install plugin that integrates with Microsoft Active Directory (AD) to set, monitor, and remediate unsafe passwords and credentials. In essence, it serves as an always-on sentinel for AD, preventing users ...
2025 has been a busy year for cybersecurity. From unexpected attacks to new tactics by threat groups, a lot has caught experts off guard. We asked cybersecurity leaders to share the biggest surprises they’ve seen so far this year and what those ...
At the end of Star Wars: A New Hope, Luke Skywalker races through the Death Star trench, hearing the ghostly voice of Obi-Wan Kenobi telling him to trust him. Luke places blind trust in an intangible energy that surrounds him, he defeats Darth ...
