Application Security News and Articles
Austin, TX, USA, 4th December 2025, CyberNewsWire
The post SpyCloud Data Shows Corporate Users 3x More Likely to Be Targeted by Phishing Than by Malware appeared first on Security Boulevard.
Darktrace announced a series of enhancements to Darktrace / EMAIL designed to detect and stop attacks spanning communications channels, strengthen outbound email protections, and streamline SOC integrations. The new capabilities will help ...
Coro announced the latest release of its unified platform. Coro 3.7 introduces user interface enhancements designed to accelerate remediation and streamline security management for SMBs. Coro has further refined its Actionboard, equipping IT ...
The 25-page document outlines four principles for securely integrating AI with operational technology.
The post Global Cyber Agencies Issue AI Security Guidance for Critical Infrastructure OT appeared first on SecurityWeek.
A threat group dubbed ShadyPanda exploited traditional extension processes in browser marketplaces by uploading legitimate extensions and then quietly weaponization them with malicious updates, infecting 4.3 million Chrome and Edge users with RCE ...
A critical vulnerability (CVE-2025-55182) in React Server Components (RSC) may allow unauthenticated attackers to achieve remote code exection on the application server, the React development team warned on Wednesday. The maximum-severity ...
Freedom Mobile says hackers stole customers’ personal information from its account management platform.
The post Personal Information Compromised in Freedom Mobile Data Breach appeared first on SecurityWeek.
The compromised personal and financial information includes names, addresses, Social Security numbers, and card numbers.
The post Marquis Data Breach Impacts Over 780,000 People appeared first on SecurityWeek.
A researcher has pointed out that only instances using a newer feature are impacted by CVE-2025-55182.
The post React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability appeared first on SecurityWeek.
AI browsers introduce reasoning-based risks. Learn how cross-origin AI agents dismantle web security and what defenses are needed.
The post Convenience or Catastrophe? The Dangers of AI Browsers No One is Talking About appeared first on ...
Incode has launched Deepsight, an AI defense tool that detects and blocks deepfakes, injected virtual cameras, and synthetic identity attacks. As AI systems increasingly interact and transact autonomously, the ability to instantaneously separate ...
Security headlines distract, but the threats keeping CISOs awake are fundamental gaps and software supply chain risks. Learn why basics and visibility matter most.
The post Sleepless in Security: What’s Actually Keeping CISOs Up at Night ...
SandboxAQ announced an AI-SPM offering that provides visibility into where AI is being used in organizations’ tech stacks and evaluates AI assets for exploitable weaknesses, insecure dependencies, and exposure risks such as prompt injection, ...
New data shows 90% of NEDs lack confidence in cybersecurity value. CISOs and CIOs must translate cyber risk into business impact.
The post CISOs, CIOs and Boards: Bridging the Cybersecurity Confidence Gap appeared first on Security Boulevard.
The Center for Internet Security, Astrix Security, and Cequence Security announced a strategic partnership to develop new cybersecurity guidance tailored to the unique risks of AI and agentic systems. This collaborative initiative builds on the ...
In this Help Net Security interview, Sonia Kumar, Senior Director Cyber Security at Analog Devices, discusses how securing decentralized smart grids demands a shift in defensive strategy. Millions of distributed devices are reshaping the attack ...
On any given day, the internet carries countless signals that hint at how networks behave behind the scenes. Researchers from RIPE NCC and several universities found a way to capture a detailed snapshot of that activity by studying one day of ...
A single tap on a permission prompt can decide how far an app reaches into a user’s personal data. Most of these calls happen during installation. The number of prompts keeps climbing, and that growing pressure often pushes people into rushed ...
Quantum computing is still years away from breaking current encryption, but many security teams are already worried about what happens when that moment arrives. A new report from the Trusted Computing Group (TCG) shows that most businesses say ...
Salt Security announced it is extending its API behavioral threat protection to detect and block malicious intent targeting Model Context Protocol (MCP) servers deployed within the AWS ecosystem. Building on the recent launch of Salt’s MCP ...
