Application Security News and Articles


Fortinet FortiWeb Authentication Bypass and Command Injection Vulnerability (CVE-2025-64446/CVE-2025-58034) Notice

Overview: Recently, NSFOCUS CERT detected that Fortinet issued a security bulletin to fix the FortiWeb authentication bypass and command injection vulnerability (CVE-2025-64446/CVE-2025-58034); combined exploitation can realize unauthorized remote ...

What is Risk-Based Authentication?

Explore risk-based authentication (RBA) in detail. Learn how it enhances security and user experience in software development, with practical examples and implementation tips. The post What is Risk-Based Authentication? appeared first on Security ...

Unified Compliance with AI: Optimizing Regulatory Demands with Internal Tools

Key Takeaways: What is Unified AI Oversight? In today’s AI landscape, organizations face overlapping regulations, ethical expectations, and AI operational risks. Unified AI oversight is a single lens to manage AI systems while staying aligned ...

Russian Hacking Suspect Wanted by the FBI Arrested on Thai Resort Island

Thailand’s Cyber Crime Investigation Bureau said an FBI tip that the “world-class hacker” was traveling to Thailand led to his arrest in Phuket. The post Russian Hacking Suspect Wanted by the FBI Arrested on Thai Resort Island appeared ...

Zoom’s AI Avatar Watermark Is Security Theatre (And Attackers Already Know It)

Zoom CEO Eric Yuan recently used his AI avatar to open a quarterly earnings call. In the top right corner of the video, a small badge appeared: "CREATED WITH ZOOM AI COMPANION." The post Zoom’s AI Avatar Watermark Is Security Theatre (And ...

Can effective Secrets Security fit within a tight budget

Are Budget-Friendly Security Measures Adequate for Managing Non-Human Identities? As digital transformation reshapes industries, the question of whether budget-friendly security solutions are adequate for managing Non-Human Identities ...

How do stable AI systems contribute to cloud security

How Does Stability in AI Systems Enhance Cloud Security? Have you ever wondered how stable AI systems can revolutionize your organization’s cloud security? As industries evolve, the integration of AI into cybersecurity provides unique ...

Why are experts optimistic about future AI security technology

How Secure Are Your Machine Identities in the Cloud Environment? Are machine identities flying under the radar when it comes to your cybersecurity strategy? Non-Human Identities (NHIs) are rapidly becoming a crucial element in organizations ...

Can enterprises freely choose scalable Agentic AI solutions

How Can Enterprises Make Informed Decisions About Scalable Agentic AI Solutions? Are enterprises truly free to choose scalable Agentic AI solutions that align with their evolving security needs? This question resonates across industries with ...

Morpheus on Microsoft: AI SOC Platform for MSSPs Managing Sentinel, Defender, Entra, and More

Morpheus automates Tier 1 and Tier 2 SOC work across Microsoft Sentinel, Defender, and Entra ID. Scale your MSSP, maintain SLA compliance and service quality. The post Morpheus on Microsoft: AI SOC Platform for MSSPs Managing Sentinel, Defender, ...

Salesforce investigates new incident echoing Salesloft Drift compromise

In what may be a repeat of the Salesloft Drift supply chain compromise, Salesforce confirmed that they’ve identified unusual activity involving Gainsight-published apps connected to Salesforce. “Our investigation indicates this ...

Rewriting the Rules of Platform Engineering with IDPs and EKS

Recently, we joined Amazon Web Services (AWS) to talk about one of the fastest-moving transformations in the cloud industry: how Internal Developer Platforms (IDPs) are streamlining modern software delivery. Andy Suderman joined me and Eli ...

Security Advisory: Salesforce Gainsight Incident

Read AppOmni’s recommendations to secure your Salesforce-Gainsight integrations before it negatively impacts your customer data. The post Security Advisory: Salesforce Gainsight Incident appeared first on AppOmni.

NDSS 2025 – Hitchhiking Vaccine: Enhancing Botnet Remediation With Remote Code Deployment Reuse

Session 3C: Mobile Security. Authors, Creators & Presenters: Runze Zhang (Georgia Institute of Technology), Mingxuan Yao (Georgia Institute of Technology), Haichuan Xu (Georgia Institute of Technology), Omar ...

Techstrong Group and DigiCert Unveil the “Quantum Security 25” to Spotlight Leaders Shaping the Future of Quantum Security

Inaugural awards celebrate the pioneers turning quantum’s promise into real-world impact, bridging theory and practice in the next era of secure computing. Boca Raton, FL, November 20, 2025 — Techstrong Group, in collaboration with DigiCert, ...

NDSS 2025 – Detecting And Interpreting Inconsistencies In App Behaviors

Session 3C: Mobile Security. Authors, Creators & Presenters: Chang Yue (Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China), Kai Chen (Institute of Information Engineering, Chinese ...

CVE-2025-50165: Critical Flaw in Windows Graphics Component

Introduction: In May 2025, Zscaler ThreatLabz discovered CVE-2025-50165, a critical remote code execution (RCE) vulnerability with a CVSS score of 9.8 that impacts the Windows Graphics Component. The vulnerability lies within windowscodecs.dll, ...

Security gap in Perplexity’s Comet browser exposed users to system-level attacks

There is a serious security problem inside Comet, the AI-powered agentic browser made by Perplexity, SquareX researchers say: Comet’s MCP API allows the browser’s built-in (but hidden from the user) extensions to issue commands directly ...

New Sturnus Banking Trojan Targets WhatsApp, Telegram, Signal Messages

The Android malware is in development and appears to be mainly aimed at users in Europe. The post New Sturnus Banking Trojan Targets WhatsApp, Telegram, Signal Messages appeared first on SecurityWeek.

Trust Beyond Containers: Identity and Agent Security Lessons from KubeCon 2025

From secure service mesh rollouts to AI cluster hardening, see how KubeCon + CloudNativeCon NA 2025 redefined identity, trust, and governance in Kubernetes environments. The post Trust Beyond Containers: Identity and Agent Security Lessons from ...