Application Security News and Articles
AI is the New Insider Threat: Rethinking Enterprise Security in the Digital Age
madhav
Thu, 11/06/2025 - 13:02
Artificial intelligence (AI) is no longer just a passive tool. It’s an active insider interpreting data, executing workflows, ...
Agentic AI speeds operations, but requires clear goals, least privilege, auditability, red‑teaming, and human oversight to manage opacity, misalignment, and misuse.
The post Follow Pragmatic Interventions to Keep Agentic AI in Check appeared ...
The post Stop Checking The Box and Switch Your SAT Perspective appeared first on Security Boulevard.
Prowler launched Prowler Lighthouse AI, an intelligent security assistant and MCP Server, that brings autonomous AI directly into DevSecOps workflows. Available immediately, Prowler’s AI innovations combine agentic reasoning with automation ...
Hackers drained more cryptocurrency from Balancer by exploiting a rounding function and performing batch swaps.
The post DeFi Protocol Balancer Starts Recovering Funds Stolen in $128 Million Heist appeared first on SecurityWeek.
The Department of Justice has indicted thirty-one people over the high-tech rigging of high-stakes poker games.
In a typical legitimate poker game, a dealer uses a shuffling machine to shuffle the cards randomly before dealing them to all the ...
The ransomware attack discovered in August occurred as early as May when a state employee mistakenly downloaded malicious software.
The post Nevada Ransomware Attack Started Months Before It Was Discovered, Per Report appeared first on SecurityWeek.
Automated pentesting is now one of the most hyped topics in cybersecurity, with AI systems promising to replace human hackers. But how much is real, and how much is marketing hype?
This webinar provides a practical guide to automating offensive ...
MojoAuth experienced a temporary service disruption on October 21, 2025, caused by an AWS regional outage. This post-incident report outlines the timeline, root cause, mitigation steps, and permanent improvements we’ve implemented to enhance ...
Discover how the new IETF draft extends SCIM to manage AI agents and agentic applications. Learn how SSOJet is preparing for this evolution — enabling secure lifecycle management, provisioning, and auditing for autonomous digital workers in ...
Hyundai AutoEver America was hacked in February and the attackers managed to steal SSNs and other personal data.
The post Automotive IT Firm Hyundai AutoEver Discloses Data Breach appeared first on SecurityWeek.
The flaws allow attackers to execute arbitrary code remotely and elevate their privileges to root on an affected system.
The post Cisco Patches Critical Vulnerabilities in Contact Center Appliance appeared first on SecurityWeek.
Google and Yahoo announce new email security requirements to take email fraud prevention to the next level in 2024, for a less spammy and secure inbox.
The post Google and Yahoo Updated Email Authentication Requirements for 2025 appeared first ...
State-aligned hacking groups have spent the past six months ramping up espionage, sabotage, and cybercrime campaigns across multiple regions, according to ESET’s APT Activity Report covering April through September 2025. The research highlights ...
The threat actor stole the firewall configuration files of all SonicWall customers who used the cloud backup service.
The post State-Sponsored Hackers Stole SonicWall Cloud Backups in Recent Attack appeared first on SecurityWeek.
1touch.io unveils Kontxtual, an AI-driven data platform engineered for the AI era. Built to accelerate enterprise innovation without compromising control, Kontxtual harnesses the power of AI and LLMs to deliver real-time data, identity, usage, ...
Static security tuning creates dangerous blind spots that attackers exploit. Learn how dynamic context awareness transforms security operations by reducing false positives, preserving signal fidelity, and eliminating the hidden risks of ...
Learn how to implement Security Service Edge (SSE) effectively to enhance cybersecurity, reduce human risk, and maintain user productivity. Discover how a zero-trust approach, SSL inspection, and outcomes-based deployment can strengthen security ...
Aptori announced Code-Q (Code Quick Fix), a new agent in its AI-powered security platform that automatically generates, validates and applies code-level remediations for confirmed vulnerabilities. Building on Aptori’s AI Triage, which ...
Learn how to configure SPF, DKIM, and DMARC for Zoho Mail to secure your domain, prevent spoofing, and boost email deliverability step-by-step.
The post A Step-by-Step Guide to Setting Up SPF, DKIM, and DMARC for Zoho Mail appeared first on ...
