Application Security News and Articles


Microsoft’s April 2025 Patch Tuesday Addresses 121 CVEs (CVE-2025-29824)

11 Critical, 110 Important, 0 Moderate, 0 Low. Microsoft addresses 121 CVEs including one zero-day which was exploited in the wild. Microsoft patched 121 CVEs in its April 2025 Patch Tuesday release, with 11 rated critical and 110 rated as ...

Adobe Calls Urgent Attention to Critical ColdFusion Flaws

The Adobe Patch Tuesday rollout covers 54 vulnerabilities, including code execution issues in the oft-targeted Adobe ColdFusion software. The post Adobe Calls Urgent Attention to Critical ColdFusion Flaws appeared first on SecurityWeek.

AI-Powered Phishing Kits: The New Frontier in Social Engineering

As artificial intelligence continues to transform how we do business, cybercriminals are finding equally innovative ways to weaponize it. Over the past few weeks, security researchers from Intel 471 and Proofpoint have uncovered a disturbing ...

21 Countries Sign Onto Voluntary Pact to Stem the Proliferation of Spyware

Twenty-one countries signed onto the Pall Mall Process, an effort a year in the making that was created to develop a framework nations could adopt to address the proliferation and malicious use of spyware by governments that want it to track ...

RansomSnub: RansomHub’s Affiliate Confusion

Executive Summary: Since RansomHub’s emergence in early 2024, the group has become the most prolific Ransomware-as-a-Service group operating today. In […] The post RansomSnub: RansomHub’s Affiliate Confusion appeared first on Security Boulevard.

Randall Munroe’s XKCD ‘Orogeny’

Via the comic humor & dry wit of Randall Munroe, creator of XKCD. The post Randall Munroe’s XKCD ‘Orogeny’ appeared first on Security Boulevard.

Building Resiliency in Critical Infrastructure Networks Using Microsegmentation: Lessons Learned in the Real World

“There is more than one way to skin a cat,” my grandmother used to tell me. It turns out this idea applies to operational technology (OT) security as well. If we take a look at the market (and my own experience in this industry), some common ...

Living-Off-the-Land (LOTL) Attacks: Exploiting What’s Already There

In cybersecurity, some of the most dangerous threats don’t come from exotic malware or zero-day exploits. Instead, they come from what’s already inside your environment—trusted tools, native utilities, and everyday system processes. Welcome ...

Network Access Vendor Portnox Secures $37.5 Million Investment

Texas network access control startup closes a Series B round led by Updata Partners and brings the total raised to $60 million. The post Network Access Vendor Portnox Secures $37.5 Million Investment appeared first on SecurityWeek.

When Good Tools Go Bad: Dual-Use in Cybersecurity

In the ever-evolving world of cybersecurity, certain tools and techniques possess a fascinating duality. They're designed to protect our digital lives, yet they can also be wielded by malicious actors to carry out cyberattacks. These are known as ...

Google’s $32 Billion Wiz Acquisition: What It Means for Cloud Security — and What It Doesn’t

In a bold move that’s shaking up the cybersecurity industry, Google announced its intent to acquire cloud security unicorn Wiz for $32 billion—one of the largest cybersecurity acquisitions in history. The deal has drawn widespread attention ...

The SQL Server Crypto Detour

As part of my role as Service Architect here at SpecterOps, one of the things I’m tasked with is exploring all kinds of technologies to help those on assessments with advancing their engagement. Not long after starting this new role, I was ...

Octane Raises $6.75M for Smart Contract Security Tech

San Francisco smart contract security startup closes a $6.75 million seed funding round led by Archetype and Winklevoss Capital. The post Octane Raises $6.75M for Smart Contract Security Tech appeared first on SecurityWeek.

Vulnerability Management Firm Spektion Emerges From Stealth With $5 Million in Funding

Spektion has emerged from stealth mode with $5 million in seed funding for its vulnerability management solution. The post Vulnerability Management Firm Spektion Emerges From Stealth With $5 Million in Funding appeared first on SecurityWeek.

DNS: The Secret Weapon CISOs May Be Overlooking In the Fight Against Cyberattacks

While often relegated to a purely functional role, DNS offers unparalleled opportunities for preemptive defense against cyberattacks. The post DNS: The Secret Weapon CISOs May Be Overlooking In the Fight Against Cyberattacks appeared first on ...

Anecdotes Raises $30 Million for Enterprise GRC Platform

Anecdotes has raised $55 million in an extended Series B funding round that brings the total raised by the company to $85 million. The post Anecdotes Raises $30 Million for Enterprise GRC Platform appeared first on SecurityWeek.

Jit launches AI agents to ease AppSec workload

Jit has launched its new AI agents to offload specific and tedious tasks from AppSec teams, such as creating risk assessments, threat models, and compliance reports, while making it easy to take action on mitigating security risk. As a result, ...

What Microsoft Knows About AI Security That Most CISOs Don’t?

Traditional security fails with AI systems. Discover Microsoft's RAI Maturity Model and practical steps to advance from Level 1 to Level 5 in AI security governance. The post What Microsoft Knows About AI Security That Most CISOs Don’t? ...

How Credential Leaks Fuel Cyberattacks

Credential leaks are fueling cyberattacks. Learn how credential stuffing works—and how to stop account takeovers before they start. The post How Credential Leaks Fuel Cyberattacks appeared first on Security Boulevard.

Your Go-To Web Application Pentesting Checklist

Web applications are integral to modern business operations, facilitating customer engagement, financial transactions, and internal processes. However, their widespread use and complexity make them prime targets for cyber threats. A... The post ...