Application Security News and Articles


The Many Shapes of Identity: Inside IAM 360, Issue 3

josh.pearson@t…, Tue, 10/21/2025 - 17:27. The new issue of IAM 360 is here! In this issue, we take on a theme that shows how identity never stands still, reshaping how we live and work as it ...

The Unkillable Threat: How Attackers Turned Blockchain Into Bulletproof Malware Infrastructure

The blockchain was supposed to revolutionize trust. Instead, it’s revolutionizing cybercrime. Every foundational principle that makes blockchain technology secure—decentralization, immutability, global accessibility—has been ...

Gravwell Closes $15.4M Funding Round to Expand Data Analytics and Security Platform

The Series A round was led by Two Bear Capital and included participation from Gula Tech Adventures, Next Frontier Capital, and others. The post Gravwell Closes $15.4M Funding Round to Expand Data Analytics and Security Platform appeared first ...

Google introduces agentic threat intelligence for faster, conversational threat analysis

Security teams spend much of their day pulling data from reports, forums, and feeds, trying to connect clues across multiple sources. Google says that work can now happen through a simple conversation. A new way to interact with threat data ...

October Patch Tuesday Fails Hard — Windows Update Considered Harmful?

Satya fiddles while Redmond burns? Showstopper bugs with security certificates—plus failing USB keyboards and mice—cause QA questions. The post October Patch Tuesday Fails Hard — Windows Update Considered Harmful? appeared first on Security ...

SBOM Pioneer Allan Friedman Joins NetRise to Advance Supply Chain Visibility

NetRise appointed the former CISA Senior Advisor and Strategist as a Strategic Advisor. The post SBOM Pioneer Allan Friedman Joins NetRise to Advance Supply Chain Visibility appeared first on SecurityWeek.

NDSS 2025 – Workshop On Security And Privacy Of Next-Generation Networks (FutureG) 2025, Session 3: Novel Threats In Decentralized NextG And Securing Open RAN

Papers: "Feedback-Guided API Fuzzing of 5G Network", by Tianchang Yang (Pennsylvania State University), Sathiyajith K S (Pennsylvania State University), Ashwin Senthil Arumugam (Pennsylvania State University), Syed Rafiul Hussain (Pennsylvania State ...

Mend.io Expands AI Native AppSec to Windsurf, CoPilot, Claude Code, and Amazon Q Developer

Learn how Mend.io brings real-time AppSec to AI coding tools. The post Mend.io Expands AI Native AppSec to Windsurf, CoPilot, Claude Code, and Amazon Q Developer appeared first on Security Boulevard.

Defakto Raises $30 Million for Non-Human IAM Platform

Defakto’s Series B funding, which brings the total raised to $50 million, was led by XYZ Venture Capital. The post Defakto Raises $30 Million for Non-Human IAM Platform appeared first on SecurityWeek.

Government, Industrial Servers Targeted in China-Linked ‘PassiveNeuron’ Campaign

A threat actor has been infecting servers of high-profile entities with backdoors to exfiltrate information and deploy additional payloads. The post Government, Industrial Servers Targeted in China-Linked ‘PassiveNeuron’ Campaign ...

INCYBER Forum Canada 2025: Collaboration Wins Over Compliance

At INCYBER Forum Canada 2025, leaders from across sectors explored AI, supply-chain risk, and culture-driven defense, stressing that true resilience is built together. The post INCYBER Forum Canada 2025: Collaboration Wins Over Compliance ...

Illumio unveils AI Insights Agent to cut alert fatigue and accelerate threat response

Illumio has released Insights Agent, a new capability within Illumio Insights, the company’s AI-driven cloud detection and response (CDR) solution. Agent is an AI-powered, persona-driven guide designed to reduce alert fatigue, accelerate threat ...

Veeam to Acquire Data Security Firm Securiti AI for $1.7 Billion

The acquisition will unify data resilience with DSPM, privacy, governance, and AI trust across production and secondary data. The post Veeam to Acquire Data Security Firm Securiti AI for $1.7 Billion appeared first on SecurityWeek.

CISA warns of Windows SMB flaw under active exploitation (CVE-2025-33073)

CVE-2025-33073, a Windows SMB Client vulnerability that Microsoft fixed in June 2025, is being exploited by attackers. The confirmation comes from the Cybersecurity and Infrastructure Security Agency (CISA), which has added the flaw to its Known ...

DataDome secures MCP infrastructure for trusted agentic AI

DataDome announced a new capability to secure Model Context Protocol (MCP) server infrastructure. With a standard DataDome integration module, enterprises can now gain visibility into and protect MCP interactions, enabling them to build agentic ...

Dataminr’s $290 million ThreatConnect deal expands AI for real-time cyber defense

Dataminr has announced its intent to acquire ThreatConnect in a transaction valuing the company at $290 million. The fusion of Dataminr’s AI platform for public data signals with ThreatConnect’s deep internal data capabilities will create ...

DataDome Secures MCP Infrastructure, Establishes Trust for Agentic AI

First to help customers see, govern and grow agentic commerce via MCP interactions. The post DataDome Secures MCP Infrastructure, Establishes Trust for Agentic AI appeared first on Security Boulevard.

Veeam acquires Securiti AI for $1.725 billion

Veeam Software has signed a definitive agreement to acquire Securiti AI for $1.725 billion. Veeam and Securiti AI unify data resilience with DSPM, privacy, governance, and AI trust spanning production and secondary data. Together, they will help ...

CISA Warns of Exploited Apple, Kentico, Microsoft Vulnerabilities

Leading to code execution, authentication bypass, and privilege escalation, the flaws were added to CISA’s KEV list. The post CISA Warns of Exploited Apple, Kentico, Microsoft Vulnerabilities appeared first on SecurityWeek.

STRATEGIC REEL: Inside the ‘Mind of a Hacker’ — turning attacker logic against them

API sprawl. Encrypted traffic. Hyperconnected users. Today’s digital business surfaces present attackers with fertile ground—not for brute-force break-ins, but for subtle, sustained manipulation. A10 Networks Field CISO Jamison Utter calls ...