Application Security News and Articles


A Zero-day Incident Response Story from the Watchers on the Wall

When I woke up the morning of September 8, I didn’t have the foggiest idea what the day had prepared for me. The most terrifying part of being a security person is the first few minutes of your day when you check the dashboards. By mid-morning ...

Fuji Electric HMI Configurator Flaws Expose Industrial Organizations to Hacking

Fuji Electric has released patches and Japan’s JPCERT has informed organizations about the vulnerabilities. The post Fuji Electric HMI Configurator Flaws Expose Industrial Organizations to Hacking appeared first on SecurityWeek.

Cisco Routers Hacked for Rootkit Deployment

Threat actors are exploiting CVE-2025-20352, a recent Cisco zero-day, to deploy a rootkit on older networking devices. The post Cisco Routers Hacked for Rootkit Deployment appeared first on SecurityWeek.

5 Ways CISOs can turn GRC into a profit center, not a cost center

For years, Governance, Risk, and Compliance (GRC) has been viewed as a necessary expense, an insurance policy for when things go wrong. But a new generation of CISOs is proving that when managed strategically, GRC can do far more than protect. It ...

API Attack Awareness: When Authentication Fails — Exposing APIs to Risk

Authentication issues seem like low-level attacks. But authentication today – especially API authentication – can be more difficult than people expect. Companies rely on APIs to carry sensitive information every day. If access to those APIs ...

US Charges Cambodian Executive in Massive Crypto Scam and Seizes More Than $14 Billion in Bitcoin

The U.S. government has seized more than $14 billion in bitcoin and charged the founder of a Cambodian conglomerate in a massive cryptocurrency scam, accusing him and unnamed co-conspirators of exploiting forced labor to dupe would-be investors ...

Publishing Ballerina Static Analysis Results to GitHub and GitLab

Static code analysis has become an essential practice in modern software development, helping teams identify bugs, security… Continue reading on Medium »

Critical insights Q&A: AcceleTrex pilots a trust-first, privacy-led model to reinforce business outcomes

I’ve been writing about data trust and privacy engineering for more than a decade. In 2015, I sat down with Cisco’s privacy lead, Michelle Dennedy, who argued that privacy must be grounded in … ...

What Is Shadow AI and Why It Matters? – FireTail Blog

Oct 16, 2025 - Alan Fagan. Quick Facts: Shadow AI is when employees use AI tools within an organization without IT or compliance approval. Shadow AI often leads to data leaks, ...

The Impact of AI on Authentication

Exploring how AI enhances security and the threats it poses to authentication. The post The Impact of AI on Authentication appeared first on Security Boulevard.

Four-Year Prison Sentence for PowerSchool Hacker

Matthew Lane pleaded guilty in May to extorting two companies after hacking into their networks and stealing information. The post Four-Year Prison Sentence for PowerSchool Hacker appeared first on SecurityWeek.

F5 Hack: Attack Linked to China, BIG-IP Flaws Patched, Governments Issue Alerts

More information has come to light on the cyberattack disclosed this week by F5, including on attribution and potential risks. The post F5 Hack: Attack Linked to China, BIG-IP Flaws Patched, Governments Issue Alerts appeared first on SecurityWeek.

Unlock Passwordless Login on Bubble with MojoAuth: Next-Gen OpenID Connect (OIDC) Authentication

Set up MojoAuth Bubble plugin for secure passwordless login using magic link, OTP, or passkeys — no code, full OpenID Connect support. The post Unlock Passwordless Login on Bubble with MojoAuth: Next-Gen OpenID Connect (OIDC) Authentication ...

Veeam launches Data Cloud for MSPs to simplify Microsoft 365 and Entra ID protection

Veeam Software announced the availability of Veeam Data Cloud (VDC) for Managed Service Providers (MSPs) through the Veeam Cloud & Service Provider (VCSP) program. Designed to empower third-party service providers, Veeam Data Cloud delivers ...

Cayosoft Guardian Protector safeguards Microsoft 365 and hybrid identity systems

Cayosoft introduced Cayosoft Guardian Protector, a free, always-on solution that delivers real-time threat detection, proactive alerts, resolution guidance, and change history for complex Microsoft hybrid identity environments. Cayosoft Guardian ...

When trusted AI connections turn hostile

Researchers have revealed a new security blind spot in how LLM applications connect to external systems. Their study shows that malicious Model Context Protocol (MCP) servers can quietly take control of hosts, manipulate LLM behavior, and deceive ...

AI and the Golden Age of Surveillance

AI has ended the age of inefficient surveillance. Explore how automation, data, and machine learning are reshaping privacy, power, and the Fourth Amendment. The post AI and the Golden Age of Surveillance appeared first on Security Boulevard.

Identifying risky candidates: Practical steps for security leaders

Effective insider threat defense begins with candidate vetting. Background checks and reference calls can confirm elements of an applicant’s history, but they rarely surface the deeper risks that can turn into costly problems down the line. ...

Designing Security for Developers, Not Around Them

GenAI boosts developer productivity—but also risk. Learn how developer-first security embeds data protection early, securing code and AI pipelines from the start. The post Designing Security for Developers, Not Around Them appeared first on ...

Everyone wants AI, but few are ready to defend it

The rush to deploy AI is reshaping how companies think about risk, according to Cisco. A global study finds that while most organizations are moving quickly to adopt AI, many are not ready for the pressure it puts on their systems and security. A ...