Application Security News and Articles


BSidesSF 2025: One SOC, The Whole SOC, and Nothing But The SOC, So Help Me

Creator, Author and Presenter: Carson Zimmerman. Our deep appreciation to Security BSides - San Francisco and the Creators, Authors and Presenters for publishing their BSidesSF 2025 video content on YouTube. Originating from the conference’s ...

How AI is Changing the Game for SaaS Sales Teams

AI is transforming how SaaS companies find and convert customers. While traditional companies struggle with 32% conversion rates, AI-native firms hit 56%. Learn how automated GTM agents work 24/7 to spot prospects, track competitors, and optimize ...

ScreenConnect admins targeted with spoofed login alerts

ScreenConnect cloud administrators across all regions and industries are being targeted with fake email alerts warning about a potentially suspicious login event. The goal of the attackers is to grab the login credentials and MFA tokens of Super ...

Report Surfaces Increased Number of API Security Issues Involving AI

A report published today by Wallarm finds that of the 639 Common Vulnerabilities and Exposures (CVEs) pertaining to application programming interfaces (APIs) reported in Q2 2025, 34 involved issues relating to some type of use case tied to ...

Cloudflare secures sensitive data without fully restricting AI usage

Cloudflare announced new capabilities for Cloudflare One, its zero trust platform, designed to help organizations securely adopt, build and deploy emerging generative AI applications. With these new features, Cloudflare is giving customers the ...

Developer Sentenced to Four Years for Sabotaging Employer’s Systems

Davis Lu was convicted in March of deploying malicious code in the systems of his employer, Eaton, when his job responsibilities changed and then deployed a kill switch that denied employees access to the systems when he was fired in 2019. He was ...

Pakistani Hackers Back at Targeting Indian Government Entities

Pakistani state-sponsored hacking group APT36 is targeting Linux systems in a fresh campaign aimed at Indian government entities. The post Pakistani Hackers Back at Targeting Indian Government Entities appeared first on SecurityWeek.

How Exposure Management Has Helped Tenable Reduce Risk and Align with the Business

Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In the second of a two-part blog series, Tenable CSO Robert Huber shares how ...

Aspire Rural Health System Data Breach Impacts Nearly 140,000

Aspire Rural Health System was targeted last year by the BianLian ransomware group, which claimed to have stolen sensitive data. The post Aspire Rural Health System Data Breach Impacts Nearly 140,000 appeared first on SecurityWeek.

Chip Programming Firm Data I/O Hit by Ransomware

Data I/O has disclosed a ransomware attack that disrupted the company’s operations, including communications, shipping and production. The post Chip Programming Firm Data I/O Hit by Ransomware appeared first on SecurityWeek.

Fake macOS help sites push Shamos infostealer via ClickFix technique

Criminals are taking advantage of macOS users’ need to resolve technical issues to get them to infect their machines with the Shamos infostealer, CrowdStrike researchers have warned. To prevent macOS security features from blocking the ...

Anatsa Android Banking Trojan Now Targeting 830 Financial Apps

The Anatsa Android banking trojan has expanded its target list to new countries and more cryptocurrency applications. The post Anatsa Android Banking Trojan Now Targeting 830 Financial Apps appeared first on SecurityWeek.

3 Benefits to Consider for the ROI of Cyber GRC and How They Impact Your Teams

Organizations invest heavily in cybersecurity tools, yet their executives still can't get a straight answer to the most fundamental question: "What are our biggest risks right now?" The post 3 Benefits to Consider for the ROI of Cyber GRC and How ...

CISA Requests Public Feedback on Updated SBOM Guidance

CISA has updated the Minimum Elements for a Software Bill of Materials (SBOM) guidance and is seeking public comment. The post CISA Requests Public Feedback on Updated SBOM Guidance appeared first on SecurityWeek.

Snyk Security: A Complete Beginner’s Guide to Securing Your Code in Minutes

As developers, we love shipping features fast. But with speed often comes a hidden danger: security vulnerabilities sneaking into our code… Continue reading on Medium »

89 Million Steam Accounts Compromised: Change Your Password Now

89 million Steam accounts breached! Learn how to secure your account and protect your data. Act now to safeguard your gaming identity. The post 89 Million Steam Accounts Compromised: Change Your Password Now appeared first on Security Boulevard.

SASE Company Netskope Files for IPO

Netskope has an annual recurring revenue of more than $707 million, but it’s still not profitable, reporting a net loss of $170 million in H1. The post SASE Company Netskope Files for IPO appeared first on SecurityWeek.

Code does not lie

Good measurements for cyber security do not have to be technical. From a defence-in-depth principle it is recommended to have a mix of… Continue reading on Medium »