Application Security News and Articles
Author/Presenter: Seth Jenkins
Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the ...
Can a simple dash character introduce a security risk? Discover how SQL line comments can open the door to unexpected injection vulnerabilities in several PostgreSQL client libraries!
The post Double Dash, Double Trouble: A Subtle SQL Injection ...
In a timely and candid webinar hosted by Axio, leading experts discussed what’s working (and what’s not) in industrial cybersecurity as we look toward 2025. Featuring insights from cybersecurity veteran
The post Industrial ...
Plixer is live from Cisco Live 2025 at the San Diego Convention Center, and they’re ready to showcase the future of AI-driven network visibility. Join Peter Silva as he catches up with Nils Werner for a behind-the-scenes look at what attendees ...
Scott Schober, Cyber Expert, Author of "Hacked Again," and CEO of Berkeley Varitronics Systems, sits down with host David Braue to discuss the ransomware attack that recently hit Marks & Spencer.
The post Marks & Spencer Suffers ...
ArmorCode launched AI Code Insights, a new set of capabilities that leverages ArmorCode’s agentic AI, Anya, to provide enterprises with contextual understanding of their code repositories, empowering security and development teams to secure ...
The Texas Department of Transportation has disclosed a data breach impacting the personal information included in 300,000 crash reports.
The post Hackers Stole 300,000 Crash Reports From Texas Department of Transportation appeared first on ...
Azul identifies and prioritizes known Java security vulnerabilities with 1,000 times greater accuracy than traditional APM or AppSec tools.
The post How Azul Identifies Java Security Vulnerabilities with 1,000 Times Greater Accuracy appeared ...
This webinar is designed for leadership and management professionals looking to enhance their organization’s security posture in the cloud. The authors explore CIS Hardened Images: how they work, the security benefits they offer, and why ...
The Dart coding language and the Flutter framework architecture are gaining traction among developers looking to build fast, reliable, cross-platform applications.
The post Secure mobile applications with Dart, Flutter, and Sonatype appeared ...
Swimlane has raised $45 million in a growth funding round to fuel its global channel expansion and product innovation.
The post Swimlane Raises $45 Million for Security Automation Platform appeared first on SecurityWeek.
AU10TIX is enhancing its product suite with the launch of AnyDoc Authentication, a capability that exposes forged, tampered, or synthetic non-ID documents that may bypass traditional identity verification methods. AnyDoc harnesses advanced AI, ...
Saving Time for Tech Teams and Teachers—Securely: We’re excited to announce that Classroom Manager is now officially 1EdTech Certified for OneRoster® integration! This is an important milestone in our mission to help K-12 schools simplify ...
How to stop phishing in K-12 using artificial intelligence: Phishing is one of the most common—and most damaging—cybersecurity threats facing K–12 schools today. And yet, many districts still rely on basic, built-in email filters as their ...
Security researchers uncover critical flaws and widespread misconfigurations in Salesforce’s industry-specific CRM solutions.
The post Five Zero-Days, 15 Misconfigurations Found in Salesforce Industry Cloud appeared first on SecurityWeek.
New research reveals critical security flaws in Salesforce industry clouds. Discover the risks and how to protect your organization now.
The post Low-Code, High Stakes: Why Security Can’t Be an Afterthought for Customers Using Salesforce ...
AppOmni’s latest research reveals 20+ OmniStudio security flaws, including 5 CVEs affecting Salesforce industry clouds. Learn how misconfigurations expose sensitive data and how to secure your org.
The post New Research on Salesforce Industry ...
SAP has fixed a critical NetWeaver vulnerability allowing attackers to bypass authorization checks and escalate their privileges.
The post Critical Vulnerability Patched in SAP NetWeaver appeared first on SecurityWeek.
Sensor manufacturer Sensata said a ransomware group had access to its network for more than a week and stole personal information.
The post Sensitive Information Stolen in Sensata Ransomware Attack appeared first on SecurityWeek.
Two Mirai botnets are exploiting a critical remote code execution vulnerability (CVE-2025-24016) in the open-source Wazuh XDR/SIEM platform, Akamai researchers have warned. What is Wazuh? Wazuh is a popular open-source security information and ...