Application Security News and Articles
Insight No. 1 — Instead of layoffs, bank on your security team.
Using Infosec layoffs to chase short-term payroll savings in cybersecurity is a dangerous gamble that will inevitably cost far more in the long run. When security teams are cut, ...
Check out expert recommendations for protecting your AI system data. Plus, boost your IT department’s cybersecurity skills with a new interactive framework. In addition, learn about a malware campaign targeting critical infrastructure orgs. And ...
A survey of 1,042 senior cybersecurity managers in the U.S., the United Kingdom and Australia finds only 5% have implemented quantum-safe encryption, even though 69% recognize the risk quantum computing poses to legacy encryption ...
Malware peddlers are using TikTok videos and the ClickFix tactic to trick users into installing infostealer malware on their computers, Trend Micro researchers have warned. The videos are getting published by a number of TikTok user accounts, ...
How Hunters International Used the Browser to Breach Enterprises — And Why They Didn’t See It Coming
At RSAC 2025, Cato Networks delivered a presentation that SOC teams and CISOs will want to pay attention to: “Suspicious ...
Operation Endgame, mounted by law enforcement and judicial authorities from the US, Canada and the EU, continues to deliver positive results by disrupting the DanaBot botnet and indicting the leaders of both the DanaBot and Qakbot ...
Russian national Rustam Gallyamov was indicted in the US for his leading role in the development and distribution of Qakbot malware.
The post Russian Qakbot Gang Leader Indicted in US appeared first on SecurityWeek.
Operation Endgame, “Season 2”, is officially announced as of Friday, May 23rd, 2025. International law enforcement agencies and their partners have once again joined forces to disrupt and dismantle botnet infrastructure and their operators. ...
CISA warns companies of a widespread campaign targeting a Commvault vulnerability to hack Azure environments.
The post Companies Warned of Commvault Vulnerability Exploitation appeared first on SecurityWeek.
A Chinese threat actor exploited a zero-day vulnerability in Trimble Cityworks to hack local government entities in the US.
The post Cityworks Zero-Day Exploited by Chinese Hackers in US Local Government Attacks appeared first on SecurityWeek.
Discover how ImpactQuill launched IQDMARC using PowerDMARC’s white label solution to enhance email security, and boost deliverability for clients.
The post DMARC MSP Case Study: ImpactQuill Enhances Email Security and Visibility for Clients ...
The DanaBot botnet ensnared over 300,000 devices and caused more than $50 million in damages before being disrupted.
The post DanaBot Botnet Disrupted, 16 Suspects Charged appeared first on SecurityWeek.
A Chinese espionage group has been chaining two recent Ivanti EPMM vulnerabilities in attacks against organizations in multiple critical sectors.
The post Chinese Spies Exploit Ivanti Vulnerabilities Against Critical Sectors appeared first on ...
Token Security launched Model Context Protocol (MCP) Server for non-human identity (NHI). This capability brings the power of agentic AI to modern security operations and enables teams to interact with complex NHI data using simple, natural ...
As digital transformation becomes a strategic imperative, development teams have emerged as a pillar of organizations. Agile and DevOps practices have revolutionized the pace of innovation, enabling businesses to respond rapidly to evolving ...
In this Help Net Security interview, Dr. Joy Wu, Assistant Professor, UBC Sauder School of Business, discusses the psychological and societal impacts of data monetization, why current privacy disclosures often fall short, and what it will take to ...
Outsourcing cybersecurity can be a practical and affordable option. It allows small businesses to get the protection they need without straining their budgets, freeing up time and resources to focus on core operations. 76% of SMBs lack the ...
69% of global respondents to a Jumio survey say AI-powered fraud now poses a greater threat to personal security than traditional forms of identity theft. This number rises to 74% in Singapore, with 71% also indicating that AI-generated scams are ...
While 47% of organizations claim to have implemented shift left security strategies, many still struggle with execution gaps and security inefficiencies, according to Pynt. Of those who haven’t implemented shift left, half of them have no ...
Here’s a look at the most interesting products from the past week, featuring releases from Anchore, Cyble, Outpost24, and ThreatMark. Outpost24 simplifies threat analysis with AI-enhanced summaries Outpost24 announced the addition of ...
