Application Security News and Articles
As large language model (LLM) applications mature, the line between model performance and model vulnerability continues to blur.
The post LLM vector and embedding risks and how to defend against them appeared first on Security Boulevard.
The new attack technique uses smartwatches to capture ultrasonic covert communication in air-gapped environments and exfiltrate data.
The post New ‘SmartAttack’ Steals Air-Gapped Data Using Smartwatches appeared first on SecurityWeek.
As quantum computing threatens to undermine today’s cryptographic standards, organizations must move quickly to achieve crypto-agility and secure their software supply chains. This blog post explores how a Cryptography Bills of Materials (CBOM) ...
In the world of third-party software procurement, speed is often at odds with security. Risk managers and procurement officers know the pain: a single software request can trigger weeks, sometimes months, of back-and-forth with vendors, tedious ...
Microsoft recently patched CVE-2025-32711, a vulnerability that could have been used for zero-click attacks to steal data from Copilot.
The post ‘EchoLeak’ AI Attack Enabled Theft of Sensitive Data via Microsoft 365 Copilot appeared ...
It’s time for enterprises to stop treating unmanaged devices as an edge case and start securing them as part of a unified Zero Trust strategy.
The post The ZTNA Blind Spot: Why Unmanaged Devices Threaten Your Hybrid Workforce appeared first on ...
Between May 2024 and April 2025, Cloudflare blocked 109 billion malicious requests targeting organizations protected under Project Galileo.
The post Surge in Cyberattacks Targeting Journalists: Cloudflare appeared first on SecurityWeek.
In today’s digital enterprise, API-driven infrastructure is the connective tissue holding everything together.
Related: The DocuSign API-abuse hack
From mobile apps to backend workflows, APIs are what keep digital services talking—and ...
See how GitGuardian's deep discovery, combined with Akeyless's automation, delivers full secrets lifecycle control.
The post How GitGuardian and Akeyless Secure Machine Identities Across Environments appeared first on Security Boulevard.
Your weakest link doesn’t have to stay weak. Rethink file data management strategy today to secure your organization’s data—and trust.
The post File Data: The Hidden Ransomware Threat Costing Enterprises Millions appeared first on ...
Palo Alto Networks has released patches for seven vulnerabilities and incorporated the latest Chrome fixes in its products.
The post Palo Alto Networks Patches Privilege Escalation Vulnerabilities appeared first on SecurityWeek.
Interpol has announced a crackdown on infostealer malware in Asia as part of an effort called Operation Secure.
The post Interpol Targets Infostealers: 20,000 IPs Taken Down, 32 Arrested, 216,000 Victims Notified appeared first on SecurityWeek.
As organizations scale and adopt cloud-native architectures, the way they manage encryption — particularly how they issue, track and rotate certificates — has never been more critical.
The post Why Open-Source Encryption and Automated Key ...
As your business grows, so do the risks. Regulatory requirements pile up, and new attack methods evolve. At some point or other, you’re left wondering: Is it time to invest in Continuous Security Monitoring (CSM) tools? This is where the ...
Lemony announced its on-premise artificial intelligence solution that is redefining how organizations deploy generative AI. Lemony’s secure, hardware-based node offers enterprise-grade ‘AI in a Box,’ empowering companies to run ...
Nestled in a log cabin high in the Rocky Mountains, Rick Bohm starts his day the same way he’s approached his career: intentionally, with a quiet commitment to learning and action. Boasting more than three decades of cybersecurity experience, ...
Nudge Security announced today a new browser extension for its SaaS and AI security governance solution that detects identity risks and guides employees toward safe, compliant SaaS and AI use in real time. Modern work happens at theWorkforce ...
Cybercriminals are stealing data and running full-scale businesses around it. Europol’s latest Internet Organised Crime Threat Assessment (IOCTA) report reveals how personal data is now a core currency in the underground economy. Data is the ...
CISOs understand that threat modeling helps teams identify risks early and build safer systems. But outside the security org, the value isn’t always clear. When competing for budget or board attention, threat modeling often loses out to more ...
A cybersecurity hobbyist has built a compact, foldable mobile hacking rig that runs Kali NetHunter on a Google Pixel 3 XL. It’s called the NetHunter C-deck, and it packs serious functionality into a small, 3D-printed shell. NetHunter C-deck ...
