Application Security News and Articles


OffensiveCon25 – Android In-The-Wild: Unexpectedly Excavating A Kernel Exploit

Author/Presenter: Seth Jenkins Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the ...

Double Dash, Double Trouble: A Subtle SQL Injection Flaw

Can a simple dash character introduce a security risk? Discover how SQL line comments can open the door to unexpected injection vulnerabilities in several PostgreSQL client libraries! The post Double Dash, Double Trouble: A Subtle SQL Injection ...

Industrial Cybersecurity 2025: Key Takeaways from our Webinar

In a timely and candid webinar hosted by Axio, leading experts discussed what’s working (and what’s not) in industrial cybersecurity as we look toward 2025. Featuring insights from cybersecurity veteran Read More The post Industrial ...

Unlock the Power of Plixer One: AI-Driven Network Data Analysis

Plixer is live from Cisco Live 2025 at the San Diego Convention Center, and they’re ready to showcase the future of AI-driven network visibility. Join Peter Silva as he catches up with Nils Werner for a behind-the-scenes look at what attendees ...

Marks & Spencer Suffers Ransomware Attack by Scattered Spider Group

Scott Schober, Cyber Expert, Author of "Hacked Again," and CEO of Berkeley Varitronics Systems, sits down with host David Braue to discuss the ransomware attack that recently hit Marks & Spencer.  The post Marks & Spencer Suffers ...

ArmorCode provides enterprises with contextual understanding of their code repositories

ArmorCode launched AI Code Insights, a new set of capabilities that leverages ArmorCode’s agentic AI, Anya, to provide enterprises with contextual understanding of their code repositories, empowering security and development teams to secure ...

Hackers Stole 300,000 Crash Reports From Texas Department of Transportation

The Texas Department of Transportation has disclosed a data breach impacting the personal information included in 300,000 crash reports. The post Hackers Stole 300,000 Crash Reports From Texas Department of Transportation appeared first on ...

How Azul Identifies Java Security Vulnerabilities with 1,000 Times Greater Accuracy

Azul identifies and prioritizes known Java security vulnerabilities with 1,000 times greater accuracy than traditional APM or AppSec tools. The post How Azul Identifies Java Security Vulnerabilities with 1,000 Times Greater Accuracy appeared ...

Webinar: Cloud security made easy with CIS Hardened Images

This webinar is designed for leadership and management professionals looking to enhance their organization’s security posture in the cloud. The authors explore CIS Hardened Images: how they work, the security benefits they offer, and why ...

Secure mobile applications with Dart, Flutter, and Sonatype

The Dart coding language and the Flutter framework architecture are gaining traction among developers looking to build fast, reliable, cross-platform applications. The post Secure mobile applications with Dart, Flutter, and Sonatype appeared ...

Swimlane Raises $45 Million for Security Automation Platform

Swimlane has raised $45 million in a growth funding round to fuel its global channel expansion and product innovation. The post Swimlane Raises $45 Million for Security Automation Platform appeared first on SecurityWeek.

AU10TIX AnyDoc Authentication identifies tampered or forged documents

AU10TIX is enhancing its product suite with the launch of AnyDoc Authentication, a capability that exposes forged, tampered, or synthetic non-ID documents that may bypass traditional identity verification methods. AnyDoc harnesses advanced AI, ...

NEW! Classroom Manager With OneRoster® Integration

Saving Time for Tech Teams and Teachers—Securely We’re excited to announce that Classroom Manager is now officially 1EdTech Certified for OneRoster® integration! This is an important milestone in our mission to help K-12 schools simplify ...

Why Traditional Email Filters Aren’t Enough to Stop Phishing in K–12

How to stop phishing in K-12 using artificial intelligence Phishing is one of the most common—and most damaging—cybersecurity threats facing K–12 schools today. And yet, many districts still rely on basic, built-in email filters as their ...

Five Zero-Days, 15 Misconfigurations Found in Salesforce Industry Cloud

Security researchers uncover critical flaws and widespread misconfigurations in Salesforce’s industry-specific CRM solutions. The post Five Zero-Days, 15 Misconfigurations Found in Salesforce Industry Cloud appeared first on SecurityWeek.

Low-Code, High Stakes: Why Security Can’t Be an Afterthought for Customers Using Salesforce Industry Clouds

New research reveals critical security flaws in Salesforce industry clouds. Discover the risks and how to protect your organization now. The post Low-Code, High Stakes: Why Security Can’t Be an Afterthought for Customers Using Salesforce ...

New Research on Salesforce Industry Clouds: 0-days, Insecure Defaults, and Exploitable Misconfigurations

AppOmni’s latest research reveals 20+ OmniStudio security flaws, including 5 CVEs affecting Salesforce industry clouds. Learn how misconfigurations expose sensitive data and how to secure your org. The post New Research on Salesforce Industry ...

Critical Vulnerability Patched in SAP NetWeaver

SAP has fixed a critical NetWeaver vulnerability allowing attackers to bypass authorization checks and escalate their privileges. The post Critical Vulnerability Patched in SAP NetWeaver appeared first on SecurityWeek.

Sensitive Information Stolen in Sensata Ransomware Attack

Sensor manufacturer Sensata said a ransomware group had access to its network for more than a week and stole personal information. The post Sensitive Information Stolen in Sensata Ransomware Attack appeared first on SecurityWeek.

Unpatched Wazuh servers targeted by Mirai botnets (CVE-2025-24016)

Two Mirai botnets are exploiting a critical remote code execution vulnerability (CVE-2025-24016) in the open-source Wazuh XDR/SIEM platform, Akamai researchers have warned. What is Wazuh? Wazuh is a popular open-source security information and ...