Application Security News and Articles


Randall Munroe’s XKCD ‘Physics Insight’

Via the comic artistry and dry wit of Randall Munroe, creator of XKCD. The post Randall Munroe’s XKCD ‘Physics Insight’ appeared first on Security Boulevard.

Bridging the Trust Gap with 1Password

We have spent what seems like an eternity of our careers trying to wrangle access issues. We set up our shiny SSO portals, federate the big apps, and feel pretty good. We have a “bubble” of control. But that bubble popped. Reality is ...

Ukrainian Extradited to US Faces Charges in Jabber Zeus Cybercrime Case

Yuriy Igorevich Rybtsov, aka MrICQ, was arrested in Italy and lost his appeal to avoid extradition to the US. The post Ukrainian Extradited to US Faces Charges in Jabber Zeus Cybercrime Case appeared first on SecurityWeek.

A Guide to Responding to a Third-Party Data Breach

A third-party data breach is no longer a peripheral concern; it is a direct threat to an organization’s operational integrity, data security, and regulatory compliance. When a vendor or supplier experiences a security incident, the impact ...

Vibe, then verify: How to navigate the risks of AI-generated code

AI is rewriting the traditional software development playbook. Developers are adopting AI on the ground, output is exploding, and leaders are being asked to convert promise into predictable velocity. The post Vibe, then verify: How to navigate ...

NDSS 2025 – Statically Discover Cross-Entry Use-After-Free Vulnerabilities In The Linux Kernel

SESSION Session 1D: System-Level Security Authors, Creators & Presenters: Hang Zhang (Indiana University Bloomington), Jangha Kim (The Affiliated Institute of ETRI, ROK), Chuhong Yuan (Georgia Institute of Technology), Zhiyun Qian (University ...

How Software Development Teams Can Securely and Ethically Deploy AI Tools

To deploy AI tools securely and ethically, teams must balance innovation with accountability—establishing strong governance, upskilling developers, and enforcing rigorous code reviews. The post How Software Development Teams Can Securely and ...

Product showcase: Cogent Community democratizes vulnerability intelligence with agentic AI

The volume of threat intelligence data has grown exponentially, but the ability to interpret and act on it has not. Every day brings new CVE disclosures, exploit releases, and vendor advisories. Teams are buried under overlapping feeds, ...

CISO Burnout – Epidemic, Endemic, or Simply Inevitable?

CISO burnout is increasing. Are we simply more aware of the condition? Or have demands on the CISO grown and burnout is now the inevitable result? In 2019, burnout was defined by the World Health Organization as an occupational phenomenon ...

Who is Zico Kolter? A Professor Leads OpenAI Safety Panel With Power to Halt Unsafe AI Releases

Kolter leads a panel at OpenAI that has the authority to halt the ChatGPT maker’s release of new AI systems if it finds them unsafe. The post Who is Zico Kolter? A Professor Leads OpenAI Safety Panel With Power to Halt Unsafe AI Releases ...

Zenity delivers runtime protection for OpenAI’s AgentKit

Zenity announced runtime protection for OpenAI’s AgentKit, providing enterprise-grade enforcement that detects and blocks data leakage, secret exposure and unsafe agent behavior in real time. This launch follows Zenity Labs’ recent research ...

Tidal Cyber Launches NARC: The First Automated AI Engine to Extract Adversary Procedures for Threat-Led Defense

Tidal Cyber is proud to announce the release of NARC AI (Natural Attack Reading and Comprehension), the first AI engine purpose-built to automatically extract adversary procedures and MITRE ATT&CK-aligned threat intelligence from unstructured ...

Claude AI APIs Can Be Abused for Data Exfiltration

An attacker can inject indirect prompts to trick the model into harvesting user data and sending it to the attacker’s account. The post Claude AI APIs Can Be Abused for Data Exfiltration appeared first on SecurityWeek.

Hackernoon: How AI Phishing Is Putting Schools at Risk

This article was originally published in Hackernoon on 10/29/25 by Charlie Sander. AI is super-charging social engineering, and K-12 is still a precious target. With an average of 2,739 edtech tools per district, staff and students rely heavily ...

Cybersecurity M&A Roundup: 45 Deals Announced in October 2025

Significant cybersecurity M&A deals announced by Jamf, LevelBlue, Ping Identity, Twilio, and Veeam Software. The post Cybersecurity M&A Roundup: 45 Deals Announced in October 2025 appeared first on SecurityWeek.

How to Align with the NIST CSF 2.0 | Accelerating Growth with CyberStrong

For today’s enterprises, cybersecurity maturity is a key growth enabler. The organizations that thrive are those that treat cybersecurity not as a box to check, but as a business accelerator, an integrated part of strategic planning and ...

Cyber-espionage campaign mirroring Sandworm TTPs hit Russian and Belarusian military

A spear-phishing campaign aimed to compromise Russian and Belarusian military personnel by using military-themed documents as a lure has been flagged by Cyble and Seqrite security researchers. The goal of the campaign is to get targets to ...

Standing to Sue – The Elephant in the Room

When Elephant Insurance was hacked and millions of driver’s license numbers were exposed, the Fourth Circuit confronted a crucial privacy law dilemma: Is data theft alone enough to sue, or must harm be public and provable? This case exposes how ...

The New Frontier of Cyber Threats: Unpacking Prompt Injection, Model Poisoning and Adversarial Attacks in AI Security

Artificial Intelligence is reshaping the cybersecurity landscape—and with it, a new generation of attack vectors is emerging. From prompt injection to model poisoning and adversarial attacks, threat actors are exploiting vulnerabilities unique ...

Chinese APT Uses ‘Airstalk’ Malware in Supply Chain Attacks

PowerShell and .NET variants of the malware abuse AirWatch’s MDM API to establish a C&C communication channel. The post Chinese APT Uses ‘Airstalk’ Malware in Supply Chain Attacks appeared first on SecurityWeek.