Application Security News and Articles
Identity security automation platform Cerby has raised $40 million in Series B funding to scale operations.
The post Cerby Raises $40 Million for Identity Automation Platform appeared first on SecurityWeek.
Mandiant warns that a Vietnamese hacking group tracked as UNC6032 is distributing malware via fake AI video generator websites.
The post Vietnamese Hackers Distribute Malware via Fake AI-Themed Websites appeared first on SecurityWeek.
PlainID introduced Policy Management for Agentic AI. Securing the future with a solution that brings identity-aware, policy-based access control to the next generation of AI systems. As organizations adopt AI and LLM-based systems, they are ...
Radiant Logic announced its new Identity Observability features as part of the RadiantOne platform. As identity remains the dominant attack vector for cybercriminals, the latest enhancements to the RadiantOne platform deliver real-time visibility ...
Cryptocurrency has transformed how we save, spend, and invest money. But with this wave of innovation comes a new breed of scams—slick, high-tech, and harder to spot than ever.
The post How crypto is changing the game for financial scammers ...
Online threats have become increasingly sophisticated, and phishing attacks are no exception. Among the many tactics cybercriminals deploy, developing phishing campaigns by mimicking well-known companies and duplicating their online forms has ...
BalkanID has unveiled its self-service Identity Governance and Administration (IGA) Lite Platform, offering flexibility and transparent pricing. Consisting of three streamlined modules: User Access Reviews (UAR) Lite, IAM Risk Analyzer Lite, and ...
Security researchers warn that OneDrive’s file sharing tool may grant third-party web apps access to all your files—not just the one you choose to upload.
The post OneDrive Gives Web Apps Full Read Access to All Files appeared first on ...
Google and Mozilla released patches for Chrome and FireFox to address a total of 21 vulnerabilities between the two browsers, including three rated high severity.
The post Chrome 137, Firefox 139 Patch High-Severity Vulnerabilities appeared first ...
Mental denial of service (DOS) is the manipulative content that hijacks the cognitive processing of individuals and institutions.
The post Mental Denial of Service: Narrative Malware and the Future of Resilience appeared first on Security Boulevard.
A threat actor wielding the DragonForce ransomware has compromised an unnamed managed service provider (MSP) and pushed the malware onto its client organizations via SimpleHelp, a legitimate remote monitoring and management (RMM) tool. ...
Discover the different OAuth grant types, including authorization code, client credentials, and more. Learn how each type works and when to use them for secure API access.
The post What are OAuth Grant Types? appeared first on Security Boulevard.
New report says organizations should always consider environmental context when assessing the impact of vulnerabilities in CISA KEV catalog.
The post Vulnerabilities in CISA KEV Are Not Equally Critical: Report appeared first on SecurityWeek.
Physicist Neil Johnson explores how fundamental laws of nature could explain why AI sometimes fails—and what to do about it.
The post The Root of AI Hallucinations: Physics Theory Digs Into the ‘Attention’ Flaw appeared first on ...
Hackers exploited a vulnerability in Cetus Protocol, a liquidity provider on the SUI blockchain.
The post $223 Million Stolen in Cetus Protocol Hack appeared first on SecurityWeek.
Santa Clara, Calif. May 28, 2025 – Recently, global research and advisory firm Forrester released The Network Analysis and Visibility (NAV) Solutions Landscape, Q2 2025, offering a comprehensive analysis of market dynamics, technology trends, ...
Reactive security isn’t just outdated — it’s become a liability. Attackers have figured out how to weaponize speed, and defenders are struggling to keep pace.
Related: Mastering adversary emulation
At RSAC 2025, I spoke with Derek Manky, ...
A hacker known as ByteBreaker has surfaced on underground forums, claiming to have stolen data from 1.2 billion Facebook accounts. While Facebook has not confirmed the breach, the hacker is reportedly selling access to a trove of user ...
On May 23, Adidas disclosed a data breach resulting from a cyberattack on a third-party customer service provider, exposing sensitive customer information in multiple regions, including the U.S. and Europe. While Adidas did not name the vendor ...
Luxury fashion giant Dior has confirmed a cyberattack that compromised customer data in parts of Asia. The breach, discovered on May 7, impacted customers in China and South Korea, with attackers gaining unauthorized access to personal ...
