Application Security News and Articles


Strata Identity VP of Product and Standards to Discuss Future of Authorization at Identiverse 2025

MEDIA ADVISORY: Strata Identity VP of Product and Standards to Discuss Future of Authorization at Identiverse 2025. Gerry Gebel to join fellow AuthZEN co-chairs to discuss next-gen authorization interoperability and open standards. BOULDER, Colo., ...

Email Spoofing Security

Email spoofing security is an imperative addition to your email’s security posture; here’s why. Email spoofing is a form of internet fraud. Leverage email authentication tools to enhance your domain’s email spoofing security. The post Email ...

Coinbase Says Rogue Contractor Data Breach Affects 69,461 Users

A mandatory filing to the Maine Attorney General says 69,461 customers nationwide were affected and dates the breach back to last December. The post Coinbase Says Rogue Contractor Data Breach Affects 69,461 Users appeared first on SecurityWeek.

Data-stealing VS Code extensions removed from official Marketplace

Developers who specialize in writing smart (primarily Ethereum) contracts using the Solidity programming language have been targeted via malicious VS Code extensions that install malware that steals cryptocurrency wallet credentials. “Based ...

Cloud Data Protection: How DSPM Helps You Discover, Classify and Secure All Your Data Assets

In this fourth installment of Tenable’s “Stronger Cloud Security in Five” blog series, we turn our attention to securing cloud data, a complex endeavor as data grows exponentially and threats become more sophisticated. Check out five DSPM ...

Anchore SBOM tracks software supply chain issues

Anchore announced the next phase of its SBOM strategy with the release of Anchore SBOM. With the addition of Anchore SBOM, Anchore Enterprise now provides a centralized platform for viewing, managing and analyzing Software Bill of Materials ...

Boost VM security: 8 key strategies

Virtual machines (VMs) have become ubiquitous in the enterprise by offering flexibility, scalability, and cost savings. But widespread adoption has outpaced traditional security controls, which often rely on runtime access or agent-based ...

The OWASP LLM Top 10 and Sonatype: Data and model poisoning

Artificial intelligence (AI) continues to redefine what is possible in software, from predictive models to generative content. But as AI systems grow in power, so too do the threats targeting their foundations, including a particularly insidious ...

Protecting Against Brand Impersonation Attacks with Browser Detection and Response

By Tejeswara S Reddy, Security Researcher, SquareX Brand impersonation attacks occur when threat actors create convincing replicas of legitimate websites, communications, or digital assets to deceive users into believing they are interacting ...

US Student to Plead Guilty Over PowerSchool Hack

Matthew Lane allegedly hacked PowerSchool using stolen credentials and admitted to extorting a telecoms provider. The post US Student to Plead Guilty Over PowerSchool Hack appeared first on SecurityWeek.

Flawed WordPress theme may allow admin account takeover on 22,000+ sites (CVE-2025-4322)

A critical vulnerability (CVE-2025-4322) in Motors, a WordPress theme popular with car/motor dealerships and rental services, can be easily exploited by unauthenticated attackers to take over admin accounts and gain full control over target ...

Cellcom Service Disruption Caused by Cyberattack

Wireless carrier Cellcom has confirmed that a week-long widespread service outage is the result of a cyberattack. The post Cellcom Service Disruption Caused by Cyberattack appeared first on SecurityWeek.

Google DeepMind Unveils Defense Against Indirect Prompt Injection Attacks

Google DeepMind has developed an ongoing process to counter the continuously evolving threat: indirect prompt injection (IPI) attacks. The post Google DeepMind Unveils Defense Against Indirect Prompt Injection Attacks appeared first on SecurityWeek.

Wiz Warns of Ongoing Exploitation of Recent Ivanti Vulnerabilities

Wiz warns that threat actors are chaining two recent Ivanti vulnerabilities to achieve unauthenticated remote code execution. The post Wiz Warns of Ongoing Exploitation of Recent Ivanti Vulnerabilities appeared first on SecurityWeek.

Virtual Event Today: Threat Detection & Incident Response (TDIR) Summit

SecurityWeek’s 2025 Threat Detection & Incident Response (TDIR) Summit takes place as a virtual summit on Wednesday, May 21st. The post Virtual Event Today: Threat Detection & Incident Response (TDIR) Summit appeared first on SecurityWeek.

Up to 25% of Internet-Exposed ICS Are Honeypots: Researchers

Many of the industrial control system (ICS) instances seen in internet scanning are likely or possibly honeypots, not real devices. The post Up to 25% of Internet-Exposed ICS Are Honeypots: Researchers appeared first on SecurityWeek.

Strategic Defense Innovation: Israel and South Korea’s Technological Partnership

The Israel-South Korea defense partnership has evolved from basic procurement relationships into a sophisticated technological alliance. The post Strategic Defense Innovation: Israel and South Korea’s Technological Partnership appeared ...

Ransomware Attack Forces Kettering Health to Cancel Procedures

Kettering Health has canceled inpatient and outpatient procedures as it deals with a system-wide outage caused by a ransomware attack. The post Ransomware Attack Forces Kettering Health to Cancel Procedures appeared first on SecurityWeek.

Over 1.5 Million Indian Websites Targeted in Coordinated Attacks

In a significant escalation of cyber warfare, over 1.5 million Indian websites have been targeted in a series of coordinated cyberattacks attributed to seven Advanced Persistent Threat (APT) groups, primarily based in Pakistan. These attacks, ...

Hackers Target Australia’s Biggest Pension Funds, May Have Breached Over 20,000 Accounts

In a significant cybersecurity breach, multiple Australian pension funds were targeted in coordinated attacks, compromising over 20,000 accounts and resulting in the theft of approximately A$500,000 from members’ retirement savings. This ...