Application Security News and Articles


BSidesLV24 – Proving Ground – CVSS v4 – A Better Version Of An Imperfect Solution

Author/Presenter: Mário Leitão-Teixeira. Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany Suites & ...

The 2025 State of Application Risk Report: Understanding AI Risk in Software Development

Get details on the AI risks Legit unearthed in enterprises' software factories. The post The 2025 State of Application Risk Report: Understanding AI Risk in Software Development appeared first on Security Boulevard.

The CMMC Rev 2 to Rev 3 Memo: What’s Changed?

The world of cybersecurity is always changing, with rapid evolution in both threat and response creating a continual churn in knowledge, technology, and standards. Frameworks meant to help protect systems and businesses, especially the ...

Why You Should Segment RDP & SSH

Securing remote access pathways often feels like an endless battle against evolving threats. Attackers continually search for exposed protocols, especially those that provide direct or near-direct access to critical systems. Remote Desktop ...

ColorTokens + Nozomi Networks: A Partnership That’s Built for the Trenches of OT and IoT Security

Discover how ColorTokens and Nozomi Networks deliver real-time OT/IoT threat detection and Zero Trust microsegmentation. The post ColorTokens + Nozomi Networks: A Partnership That’s Built for the Trenches of OT and IoT Security appeared first ...

BSidesLV24 – Proving Ground – Intel-Driven Adversary Simulation For A Holistic Approach To Cybersecurity

Author/Presenter: Carlos Gonçalves. Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany Suites & Casino; ...

In Other News: India-Pakistan Cyberattacks, Radware Vulnerabilities, xAI Leak

Noteworthy stories that might have slipped under the radar: surge in cyberattacks between India and Pakistan, Radware cloud WAF vulnerabilities, xAI key leak. The post In Other News: India-Pakistan Cyberattacks, Radware Vulnerabilities, xAI Leak ...

MCP: A Comprehensive Guide to Extending AI Capabilities

Model Context Protocol is doing for AI what USB did for hardware and HTTP did for the web—creating a universal standard that exponentially expands capabilities. Understand how this innovation allows AI systems to access specialized tools ...

Popular Scraping Tool’s NPM Package Compromised in Supply Chain Attack

Supply chain attack compromises the popular rand-user-agent NPM package to deploy and activate a backdoor. The post Popular Scraping Tool’s NPM Package Compromised in Supply Chain Attack appeared first on SecurityWeek.

RSA Conference 2025: How Agentic AI Is Redefining Trust, Identity, and Access at Scale

RSAC 2025 revealed that AI agents are reshaping trust and identity. Learn what top CISOs are doing about it and how the conversation about NHI governance is evolving. The post RSA Conference 2025: How Agentic AI Is Redefining Trust, Identity, and ...

160,000 Impacted by Valsoft Data Breach

VMS firm Valsoft Corporation says the personal information of over 160,000 people was compromised in a February 2025 data breach. The post 160,000 Impacted by Valsoft Data Breach appeared first on SecurityWeek.

Kasada Ranks #4 Among Australia’s Best Technology Employers in 2025

Recognized as one of Australia’s Best Workplaces™ in Technology for the third year in a row. The post Kasada Ranks #4 Among Australia’s Best Technology Employers in 2025 appeared first on Security Boulevard.

Fake AI platforms deliver malware disguised as video content

A clever malware campaign delivering the novel Noodlophile malware is targeting creators and small businesses looking to enhance their productivity with AI tools. But, in an unusual twist, the threat actors are not disguising the malware as ...

Malicious NPM Packages Target Cursor AI’s macOS Users

Three NPM packages posing as developer tools for Cursor AI code editor’s macOS version contain a backdoor. The post Malicious NPM Packages Target Cursor AI’s macOS Users appeared first on SecurityWeek.

Rising Tides: Kelley Misata on Bringing Cybersecurity to Nonprofits

Sightline Security’s founder explains why nonprofits need cybersecurity solutions tailored to their unique missions — and why vendors need to listen. The post Rising Tides: Kelley Misata on Bringing Cybersecurity to Nonprofits appeared first ...

When Missiles Fly, Cyber Threats Follow: How to Prepare in Case of a Cyber Fallout!

Are we truly prepared for what’s coming? Amidst the ongoing geopolitical tensions and the risk of a full-scale conflict, every organization must ask itself this question. In an era where cyberattacks often accompany geopolitical unrest, the ...

LockBit hacked: What does the leaked data show?

The affiliate panel of the infamous LockBit Ransomware-as-a-Service (RaaS) group has been hacked and defaced, showing a link to a MySQL database dump ostensibly containing leaked data relating to the group’s operations: The defaced dark web ...

It’s Not Your MSP, It’s Your SEG: Email Security History 101 (Part 1)

It usually starts small—a missed phish here, a lost customer email in the quarantine abyss. Maybe a few grumbles from your support team about never-ending rule updates. At first, you let it slide. You think, 'That’s just how it goes'; you ...

SAP Zero-Day Targeted Since January, Many Sectors Impacted 

Hundreds of SAP NetWeaver instances hacked via a zero-day that allows remote code execution, not only arbitrary file uploads, as initially believed. The post SAP Zero-Day Targeted Since January, Many Sectors Impacted appeared first on SecurityWeek.

Company and Personal Data Compromised in Recent Insight Partners Hack 

VC firm Insight Partners is informing partners and employees that their information was exposed in the January 2025 cyberattack. The post Company and Personal Data Compromised in Recent Insight Partners Hack appeared first on SecurityWeek.