Application Security News and Articles


Hunters International Ransomware Gang Rebranding, Shifting Focus

The notorious cybercrime group Hunters International is dropping ransomware to focus on data theft and extortion. The post Hunters International Ransomware Gang Rebranding, Shifting Focus appeared first on SecurityWeek.

Cequence Marks Another Milestone with AWS Security Competency Achievement

As businesses embrace the cloud, their attack surface expands accordingly. Cloud workloads are built on APIs, and Cequence’s expertise in API security and bot management means the company and its products are uniquely positioned to protect ...

Identities and IAM Trends: Q&A With a Saviynt Identity Expert

Author: Ehud Amiri, SVP Product Management, Saviynt. How will the threat to identities change over the coming year? AI will […] The post Identities and IAM Trends: Q&A With a Saviynt Identity Expert appeared first on Security Boulevard.

Google Makes Sending Encrypted Emails Easier for Gmail Users

Google is making it easier for Gmail users to send end-to-end encrypted (E2EE) emails to anyone by adopting a process that does away with complex options like S/MIME and instead uses encrypted keys that are controlled by the sender. The post ...

Cybersecurity M&A Roundup: 23 Deals Announced in March 2025

Fewer than two dozen cybersecurity merger and acquisition (M&A) deals were announced in March 2025. The post Cybersecurity M&A Roundup: 23 Deals Announced in March 2025 appeared first on SecurityWeek.

Managing Human Risk in the Employee Lifecycle

Nisos: Human Resources (HR) plays a critical role in identifying and mitigating human risks throughout the Employee Lifecycle (ELC)... The post Managing Human Risk in the Employee Lifecycle appeared ...

Malicious Python packages target popular Bitcoin library

When it comes to the frequency and sophistication of software supply chain attacks, few industries can compare with the cryptocurrency industry. As RL’s 2025 Software Supply Chain Security Report notes: In 2024, there were close to two dozen ...

3 Leading Computer Monitoring Software for Schools

Cybercriminals commonly target K-12 schools. 71% of UK secondary schools reported a breach or attack in the previous year alone — mirrored by schools across the U.S. This, paired with internal threats, requires schools to adopt advanced ...

Phishers are increasingly impersonating electronic toll collection companies

Steam was the most imitated brand by phishers in the first quarter of 2025, followed by Microsoft and Facebook/Meta, Guardio researchers have revealed. “Historically, the #1 spot has been dominated by the usual suspects – big tech ...

How to Secure and Make Your Iframe Compliant in 2025

The post How to Secure and Make Your Iframe Compliant in 2025 appeared first on Feroot Security. The post How to Secure and Make Your Iframe Compliant in 2025 appeared first on Security Boulevard.

39 Million Secrets Leaked on GitHub in 2024

GitHub has announced new capabilities to help organizations and developers keep secrets in their code protected. The post 39 Million Secrets Leaked on GitHub in 2024 appeared first on SecurityWeek.

Details Emerge on CVE Controversy Around Exploited CrushFTP Vulnerability

Two CVEs now exist for an actively exploited CrushFTP vulnerability and much of the security industry is using the ‘wrong one’. The post Details Emerge on CVE Controversy Around Exploited CrushFTP Vulnerability appeared first on SecurityWeek.

Vulnerabilities Expose Cisco Meraki and ECE Products to DoS Attacks

Cisco fixes two high-severity denial-of-service vulnerabilities in Meraki devices and Enterprise Chat and Email. The post Vulnerabilities Expose Cisco Meraki and ECE Products to DoS Attacks appeared first on SecurityWeek.

Google Released Second Fix for Quick Share Flaws After Patch Bypass

Google’s patches for Quick Share for Windows vulnerabilities leading to remote code execution were incomplete and could be easily bypassed. The post Google Released Second Fix for Quick Share Flaws After Patch Bypass appeared first on SecurityWeek.

1touch.io helps organizations safeguard sensitive data

1touch.io launched the next-generation Enterprise Data Security Posture Management (DSPM) platform, a solution designed specifically for hybrid, multi-cloud, on-premises, and mainframe environments. By integrating continuous data discovery, ...

Corgea BLAST uncovers hidden vulnerabilities in code

Corgea launches BLAST (Business Logic Application Testing), its AI-driven cybersecurity platform designed to address the risks associated with hidden code vulnerabilities, human error, and security flaws introduced by AI-assisted coding tools. ...

Bluefin simplifies network tokenization access and management for merchants

Bluefin announced the addition of network tokenization capabilities to its ShieldConex Tokenization as a Service and Orchestration platforms, enabling merchants to directly provision network-issued payment tokens from card brands such as Visa, ...

CyberQP launches Zero Trust Helpdesk Security Platform

CyberQP has launched its Zero Trust Helpdesk Security Platform—combining QGuard for Privileged Access Management (PAM) and QDesk for End-User Access Management (EUAM). This unified solution helps IT teams reduce risk, improve efficiency, and ...

Defense in Depth is Broken – It’s Time to Rethink Cybersecurity

Breaking down why traditional defense-in-depth strategies fail and what security teams must do to truly outsmart attackers. The post Defense in Depth is Broken – It’s Time to Rethink Cybersecurity appeared first on Security Boulevard.

The Evolution of Smishing: 3 Ways to Detect and Prevent Attacks

Smishing has evolved dramatically in recent years, with increased attack frequency and a much higher quality of the fraudulent landing pages. The post The Evolution of Smishing: 3 Ways to Detect and Prevent Attacks appeared first on ...