Application Security News and Articles


72 states sign first global UN Convention against Cybercrime

The world’s first global convention to prevent and respond to cybercrime opened for signature today in Hanoi, Vietnam, and will remain open at United Nations Headquarters in New York until 31 December 2026. Adopted by the UN General Assembly in ...

Black Duck’s product release round-up: faster fixes, smarter security

Explore the latest updates across the Black Duck portfolio—from GitHub integrations and AI-powered fixes to faster scans, audit-ready SBOMs, and workflow automation. The post Black Duck’s product release round-up: faster fixes, smarter ...

New Firefox Extensions Required to Disclose Data Collection Practices

All new extensions will be required to declare their data collection practices in their manifest file using a specific key. The post New Firefox Extensions Required to Disclose Data Collection Practices appeared first on SecurityWeek.

Windows Server Update Service (WSUS) remote code execution vulnerability (CVE-2025-59287)

Technical details: CVE-2025-59287 is an unsafe deserialization vulnerability in the WSUS reporting component. In short, WSUS accepts serialized data from a network request and deserializes it without performing sufficient validation. A specially ...

Year-Old WordPress Plugin Flaws Exploited to Hack Websites

Roughly 9 million exploit attempts were observed this month as mass exploitation of the critical vulnerabilities recommenced. The post Year-Old WordPress Plugin Flaws Exploited to Hack Websites appeared first on SecurityWeek.

The Cyber Insurance Crunch: Turning Rising Premiums Into Security Wins 

Cyber insurance is no longer just a safety net; it’s a catalyst for change. With premiums climbing and coverage shrinking, insurers are forcing organizations to modernize security operations, embrace AI-driven risk quantification, and tighten ...

Ransomware Payments Dropped in Q3 2025: Analysis

Coveware has attributed the drop to large enterprises increasingly refusing to pay up and smaller amounts paid by mid-market firms. The post Ransomware Payments Dropped in Q3 2025: Analysis appeared first on SecurityWeek.

Three Factors Determine Whether a Ransomware Group is Successful 

ReliaQuest’s Threat Spotlight: How Automation, Customization, and Tooling Signal Next Ransomware exposes how elite Ransomware-as-a-Service (RaaS) groups thrive. Automation, advanced tools, and attack customization attract top affiliates and ...

Bionic Hackbots Rise, Powerful Partners to Humans 

The rapid rise of AI and automation has helped create a new breed of researcher — the bionic hacker. Think of a Steve Austin-type researcher, only instead of body parts replaced by machines, human creativity is being augmented by ...

Chrome Zero-Day Exploitation Linked to Hacking Team Spyware

The threat actor behind Operation ForumTroll used the same toolset typically employed in Dante spyware attacks. The post Chrome Zero-Day Exploitation Linked to Hacking Team Spyware appeared first on SecurityWeek.

Can your earbuds recognize you? Researchers are working on it

Biometric authentication has moved from fingerprints to voices to facial scans, but a team of researchers believes the next step could be inside the ear. New research explores how the ear canal’s unique acoustic properties can be used to verify ...

How Proxy Servers Enhance Security in Modern Authentication Systems

Learn how proxy servers enhance authentication security by filtering traffic, supporting MFA, enabling Zero Trust, and protecting against cyber threats. The post How Proxy Servers Enhance Security in Modern Authentication Systems appeared first ...

Top IT Asset Management Companies

Discover the top IT asset management companies of 2025. Compare Alloy, ServiceNow, Ivanti, Freshworks, and SysAid to find the best ITAM solution for your business. The post Top IT Asset Management Companies appeared first on Security Boulevard.

Dependency-Track: Open-source component analysis platform

Software is a patchwork of third-party components, and keeping tabs on what’s running under the hood has become a challenge. The open-source platform Dependency-Track tackles that problem head-on. Rather than treating software composition as a ...

DDoS, data theft, and malware are storming the gaming industry

When the pandemic kept people at home in 2020, millions turned to games for an escape. The surge turned every console, PC, and phone into part of a vast online network. More players meant more logins, payments, and personal data. That created a ...

AI writes code like a junior dev, and security is feeling it

The industry is entering a phase where code is being deployed faster than it can be secured, according to OX Security. Findings from the Army of Juniors: The AI Code Security Crisis report show that AI-generated code often appears clean and ...

Product showcase: Neo Network Utility makes network checks simple

Want to see if a remote server is still alive, or trace the path your data takes across the internet? Network Utility had you covered, until Apple removed it. Network Utility was the go-to macOS app for quick network checks. It gave you a ...

It’s Always DNS: Lessons from the AWS Outage

In episode 404 (no pun intended!) we discuss the recurring issue of DNS outages, the recent Amazon AWS disruption, and what this reveals about our dependency on cloud services. The conversation touches on the need for tested business continuity ...

Are Facial Recognition and Passkeys the Same? Exploring Key Concepts

Explore the key differences between facial recognition and passkeys for authentication. Understand their unique concepts, security implications, and use cases in software development. The post Are Facial Recognition and Passkeys the Same? ...

Single Sign-On (SSO): Simplifying User Authentication

Discover how Single Sign-On (SSO) simplifies user authentication, enhances security, and reduces IT overhead. Learn about SSO protocols, implementation strategies, and security best practices. The post Single Sign-On (SSO): Simplifying User ...