Application Security News and Articles
Those who follow the DNS abuse landscape closely may have noticed a rise in activity and abuse reports related to TDS. The use of this infrastructure for malicious purposes is becoming increasingly common. In this blog, we look at how TDS are ...
Tenable Research has discovered seven vulnerabilities and attack techniques in ChatGPT, including unique indirect prompt injections, exfiltration of personal user information, persistence, evasion, and bypass of safety mechanisms.
Key ...
The gen-AI adoption management platform will invest the funds in accelerating growth and product innovations.
The post Portal26 Raises $9 Million for Gen-AI Adoption Platform appeared first on SecurityWeek.
AI-driven social engineering is transforming cyberattacks from costly, targeted operations into scalable, automated threats. As generative models enable realistic voice, video, and text impersonation, organizations must abandon stored secrets and ...
The Salesloft Drift OAuth token breach compromised Salesforce data across hundreds of enterprises, including Cloudflare, Zscaler, and Palo Alto Networks. Learn how attackers exploited OAuth tokens, the risks of connected app misuse, and key steps ...
What is the CAIF? The Centraleyes AI Framework (CAIF) is a comprehensive compliance and governance tool designed to help organizations meet the diverse and rapidly evolving regulatory requirements surrounding artificial intelligence. It ...
The United States on Tuesday imposed sanctions on a group of bankers, financial institutions and others accused of laundering money from cyber crime schemes — money the Treasury Department says helps pay for North Korea’s nuclear weapons ...
ExtraHop has announced new capabilities to detect the malicious use of PowerShell. These enhancements provide the visibility needed to disrupt the attack kill chain and deliver insight to stop lateral movement in its tracks. Remote management ...
Deepwatch has released Deepwatch NEXA, a collaborative agentic AI ecosystem that delivers outcome-focused agents to transform how MDR providers and customers work together. NEXA combines natural language interaction with agentic AI to provide ...
A critical vulnerability in Control Web Panel (CWP), tracked as CVE-2025-48703, allows remote, unauthenticated command execution.
The post CISA Warns of CWP Vulnerability Exploited in the Wild appeared first on SecurityWeek.
ZEDEDA has released a full-stack edge Kubernetes-as-a-Service solution that extends a cloud-native deployment experience to distributed edge environments. ZEDEDA Edge Kubernetes App Flows automates the edge application lifecycle, from packaging ...
Veeam Software launched its new Veeam App for Microsoft Sentinel. The solution provides advanced integration with Veeam Data Platform and empowers organizations to detect, investigate, and respond to cyber threats and backup anomalies, delivering ...
Veza announced Access AuthZ, a new product that automates how organizations grant and revoke access across enterprise systems to address the “last mile” of identity governance. Built on the power of Veza Access Graph and Access Profiles, ...
New Relic has announced Logs Intelligence, a series of AI-strengthened capabilities that automate the time and effort required to reduce mean time to resolution (MTTR) and extract critical insights from logs. Featured key innovations, like AI Log ...
Keeping older software versions secure often means backporting patches from newer releases. It is a routine but tedious job, especially for large open-source projects such as the Linux kernel. A new research effort has built a tool that uses a ...
In this Help Net Security interview, Dilek Çilingir, Global Forensic & Integrity Services Leader at EY, discusses how AI is transforming third-party assessments and due diligence. She explains how machine learning and behavioral analytics ...
VulnRisk is an open-source platform for vulnerability risk assessment. It goes beyond basic CVSS scoring by adding context-aware analysis that reduces noise and highlights what matters. The tool is free to use and designed for local development ...
Smart doorbells, connected cameras, and home monitoring systems have become common sights on doorsteps and living rooms. They promise safety and convenience, but they also raise a problem. These devices record more than their owners. They capture ...
Security leaders are staring down a year of major change. In its Cybersecurity Forecast 2026, Google paints a picture of a threat landscape transformed by AI, supercharged cybercrime, and increasingly aggressive nation-state operations. Attackers ...
Learn how to build secure, enterprise-ready SaaS applications. This guide covers development, ops, and product security best practices for meeting enterprise requirements.
The post Enterprise Ready SaaS Application Guide to Product Security ...
