Application Security News and Articles
AI-generated voice deepfakes have crossed the uncanny valley, fueling a surge in fraud that outpaces traditional security measures. Detection technology is racing to keep up.
The post The AI Arms Race: Deepfake Generation vs. Detection appeared ...
The LockBit ransomware-as-a-service (RaaS) operation has netted around $2.3 million USD within 5 months, the data leak stemming from the May 2025 hack of a LockBit affiliate panel has revealed. From that sum, the operators took their 20% cut ...
Stepping into a time machine and traveling back to the past, during the last half of my nearly 20-year career at MITRE I served in a variety of roles that spanned the evolution of MITRE ATT&CK®. I started as a detection engineer / hunter ...
Tamnoon launched Managed CDR (Cloud Detection and Response), a managed service designed to validate, contextualize, and respond to cloud security alerts. Built on AWS and launching with Wiz Defend, Amazon GuardDuty, CrowdStrike Falcon, and Orca ...
I. The Promise and the Paradox of Zero Trust
Zero Trust has emerged as a cornerstone of modern cybersecurity strategy. Its core principle, “never trust, always verify”, has gained traction...
The post Why Zero Trust Fails in the Real World ...
Hirundo tackles AI hallucinations and bias by making trained models “forget” poisoned, malicious, and confidential data.
The post Hirundo Raises $8 Million to Eliminate AI’s Bad Behavior appeared first on SecurityWeek.
Chainguard provides hardened, zero-CVE container images (Chainguard Containers) that enable companies to achieve speed, security and scalability. Now, through a strategic partnership between Azul and Chainguard, Chainguard will build from ...
In this Help Net Security interview, Joni Klippert, CEO of StackHawk, discusses why API visibility is a major blind spot for security teams, how legacy tools fall short, and how StackHawk identifies risky APIs and sensitive data directly from ...
As large language model (LLM) applications mature, the line between model performance and model vulnerability continues to blur.
The post LLM vector and embedding risks and how to defend against them appeared first on Security Boulevard.
The new attack technique uses smartwatches to capture ultrasonic covert communication in air-gapped environments and exfiltrate data.
The post New ‘SmartAttack’ Steals Air-Gapped Data Using Smartwatches appeared first on SecurityWeek.
As quantum computing threatens to undermine today’s cryptographic standards, organizations must move quickly to achieve crypto-agility and secure their software supply chains. This blog post explores how a Cryptography Bill of Materials (CBOM) ...
In the world of third-party software procurement, speed is often at odds with security. Risk managers and procurement officers know the pain: a single software request can trigger weeks, sometimes months, of back-and-forth with vendors, tedious ...
Microsoft recently patched CVE-2025-32711, a vulnerability that could have been used for zero-click attacks to steal data from Copilot.
The post ‘EchoLeak’ AI Attack Enabled Theft of Sensitive Data via Microsoft 365 Copilot appeared ...
It’s time for enterprises to stop treating unmanaged devices as an edge case and start securing them as part of a unified Zero Trust strategy.
The post The ZTNA Blind Spot: Why Unmanaged Devices Threaten Your Hybrid Workforce appeared first on ...
Between May 2024 and April 2025, Cloudflare blocked 109 billion malicious requests targeting organizations protected under Project Galileo.
The post Surge in Cyberattacks Targeting Journalists: Cloudflare appeared first on SecurityWeek.
In today’s digital enterprise, API-driven infrastructure is the connective tissue holding everything together.
From mobile apps to backend workflows, APIs are what keep digital services talking—and ...
See how GitGuardian's deep discovery, combined with Akeyless's automation, delivers full secrets lifecycle control.
The post How GitGuardian and Akeyless Secure Machine Identities Across Environments appeared first on Security Boulevard.
Your weakest link doesn’t have to stay weak. Rethink file data management strategy today to secure your organization’s data—and trust.
The post File Data: The Hidden Ransomware Threat Costing Enterprises Millions appeared first on ...
Palo Alto Networks has released patches for seven vulnerabilities and incorporated the latest Chrome fixes in its products.
The post Palo Alto Networks Patches Privilege Escalation Vulnerabilities appeared first on SecurityWeek.
Interpol has announced a crackdown on infostealer malware in Asia as part of an effort called Operation Secure.
The post Interpol Targets Infostealers: 20,000 IPs Taken Down, 32 Arrested, 216,000 Victims Notified appeared first on SecurityWeek.