Application Security News and Articles
Matthew Lane allegedly hacked PowerSchool using stolen credentials and admitted to extorting a telecoms provider.
The post US Student to Plead Guilty Over PowerSchool Hack appeared first on SecurityWeek.
A critical vulnerability (CVE-2025-4322) in Motors, a WordPress theme popular with car/motor dealerships and rental services, can be easily exploited by unauthenticated attackers to take over admin accounts and gain full control over target ...
Wireless carrier Cellcom has confirmed that a week-long widespread service outage is the result of a cyberattack.
The post Cellcom Service Disruption Caused by Cyberattack appeared first on SecurityWeek.
Google DeepMind has developed an ongoing process to counter the continuously evolving threatIndirect prompt injection (IPI) attacks.
The post Google DeepMind Unveils Defense Against Indirect Prompt Injection Attacks appeared first on SecurityWeek.
Wiz warns that threat actors are chaining two recent Ivanti vulnerabilities to achieve unauthenticated remote code execution.
The post Wiz Warns of Ongoing Exploitation of Recent Ivanti Vulnerabilities appeared first on SecurityWeek.
SecurityWeek’s 2025 Threat Detection & Incident Response (TDIR) Summit takes place as a virtual summit on Wednesday, May 21st.
The post Virtual Event Today: Threat Detection & Incident Response (TDIR) Summit appeared first on SecurityWeek.
Many of the industrial control system (ICS) instances seen in internet scanning are likely or possibly honeypots, not real devices.
The post Up to 25% of Internet-Exposed ICS Are Honeypots: Researchers appeared first on SecurityWeek.
The Israel-South Korea defense partnership has evolved from basic procurement relationships into a sophisticated technological alliance.
The post Strategic Defense Innovation: Israel and South Korea’s Technological Partnership appeared ...
Kettering Health has canceled inpatient and outpatient procedures as it deals with a system-wide outage caused by a ransomware attack.
The post Ransomware Attack Forces Kettering Health to Cancel Procedures appeared first on SecurityWeek.
In a significant escalation of cyber warfare, over 1.5 million Indian websites have been targeted in a series of coordinated cyberattacks attributed to seven Advanced Persistent Threat (APT) groups, primarily based in Pakistan. These attacks, ...
In a significant cybersecurity breach, multiple Australian pension funds were targeted in coordinated attacks, compromising over 20,000 accounts and resulting in the theft of approximately A$500,000 from members’ retirement savings. This ...
The maritime industry is undergoing a significant digital transformation, integrating advanced technologies to enhance efficiency and connectivity. However, this digital evolution brings forth escalating cybersecurity risks that cannot be ...
In a significant cybersecurity incident, Qatar National Bank (QNB), Trend Micro reports that one of the Middle East’s largest financial institutions, suffered a data breach attributed to the Turkish hacker group Bozkurt Hackers. The attackers ...
Dover, United States, 21st May 2025, CyberNewsWire
The post Attaxion Becomes the First EASM Platform to Integrate ENISA’s EU Vulnerability Database (EUVD) appeared first on Security Boulevard.
Veeam Software launched Veeam Kasten for Kubernetes v8, designed to bring data resilience to both traditional virtual machines (VMs) and cloud-native environments, delivering security and operational efficiency. Veeam Kasten for Kubernetes v8 ...
Strider announced new capabilities for Spark, the company’s proprietary AI-powered intelligence engine that is transforming how organizations identify and mitigate risks associated with state-sponsored threats. Industry, government, and ...
An OpenPGP.js vulnerability tracked as CVE-2025-47934 allows message signature verification to be spoofed.
The post Critical OpenPGP.js Vulnerability Allows Spoofing appeared first on SecurityWeek.
In this Help Net Security interview, Anuj Goel, CEO of Cyware, discusses how threat intelligence is no longer a nice to have, it’s a core cyber defense requirement. But turning intelligence into action remains a challenge for many ...
AutoPatchBench is a new benchmark that tests how well AI tools can fix code bugs. It focuses on C and C++ vulnerabilities found through fuzzing. The benchmark includes 136 real bugs and their verified fixes, taken from the ARVO dataset. Patch ...
When a third-party tech vendor suffers a cyber incident, your business can feel the effects immediately. That’s why it’s crucial to treat vendor risk as part of your cybersecurity posture. In this Help Net Security video, Mike Toole, Director ...
