Application Security News and Articles
Disclaimer: If you're here for the holy grail of bot detection, this may not be it, unless your UX strategy involves surprise popups and your marketing strategy involves blocking Google crawlers.
We recently stumbled across a bug on the Chromium ...
AI adoption accelerates secret sprawl as organizations connect to multiple providers. Our investigation of a leaked xAI API key, which granted access to unreleased Grok models, reveals critical flaws in their disclosure process, highlighting ...
By baking minimum expectations into procurement conversations, the plan is to steer software vendors to “secure-by-design and default” basics.
The post New UK Framework Pressures Vendors on SBOMs, Patching and Default MFA appeared first on ...
Meta, which owns WhatsApp, became the first company to sue and win against NSO Group, the maker of the notorious Pegasus spyware, when a U.S. ruled in December that the vendor hacked into 1,400 mobile devices in 2019. A jury ordered NSO Group to ...
Barracuda Networks unveiled next-generation threat detection capabilities fueled by multimodal AI. Barracuda now delivers adaptive, context-aware protection against emerging attacks with accuracy and speed by simultaneously correlating and ...
Searchlight Cyber has launched new AI capabilities within its dark web investigations platform, Cerberus. The new Cerberus AI Insights feature summarizes dark web posts and threads to help analysts to quickly triage information and focus on the ...
Austin, USA / Texas, 7th May 2025, CyberNewsWire
The post SpyCloud Analysis Reveals 94% of Fortune 50 Companies Have Employee Data Exposed in Phishing Attacks appeared first on Security Boulevard.
Sonatype is thrilled to announce the addition of Antoine Harden as our Regional Vice President of Federal. With a proven track record of leadership and innovation, Antoine will spearhead sales efforts across the Department of Defense, the ...
After covering cloud security posture management (CSPM) and cloud workload protection (CWP) in the first two installments of Tenable’s “Stronger Cloud Security in Five” blog series, today we focus on securing your cloud identities. ...
Verosint launched Vera, an agentic AI security analyst to transform how organizations detect, investigate, and respond to identity-based threats. Built on top of Verosint’s intelligent ITDR platform, Vera is an always-on, expert identity ...
WatchTowr researchers have released a proof-of-concept (PoC) exploit that chains two vulnerabilities in SysAid On-Prem – the self-hosted version of the platform behind SysAid’s popular IT service management and IT helpdesk solutions ...
The US has sanctioned Myanmar warlord Saw Chit Thu and his militia for their roles in cyber scams causing billions in losses to American victims.
The post US Sanctions Myanmar Militia Involved in Cyber Scams appeared first on SecurityWeek.
At ISHIR, we’ve worked with hundreds of innovators — startup founders, intrapreneurs, and enterprise technology leaders. And one thing is clear: Great ideas don’t come...Read More
The post The 3 Stages of the Idea Cycle: From Raw Concept to ...
The rapid rise in the use of SaaS applications — often without the IT organization's knowledge or consent — has spawned a whole new set of challenges for security teams. These include visibility gaps, unmanaged data flows, and an expanding ...
In our recent live webinar, Ask Us Anything: Solving K-12 Tech Teams’ Biggest Challenges, we gave attendees the chance to get real answers to their top pain points by submitting questions in advance. The session featured Bob Boyd, Chief ...
Meta has won its WhatsApp hacking lawsuit against Israeli spyware company NSO Group in an “important step forward for privacy and security”.
The post Spyware Maker NSO Ordered to Pay $167 Million Over WhatsApp Hack appeared first on SecurityWeek.
BlueVoyant launched its Continuous Optimization for Microsoft Security (COMS) offering. COMS improves security outcomes, helps customers stay ahead of cyber threats, and minimizes technology costs by drawing on BlueVoyant’s expertise with ...
Application performance monitoring provider AppSignal has raised $22 million in a Series A funding round led by Elsewhere Partners.
The post AppSignal Raises $22 Million for Application Monitoring Solution appeared first on SecurityWeek.
At least two ransomware groups exploited the Windows zero-day CVE-2025-29824 before it was patched by Microsoft.
The post Second Ransomware Group Caught Exploiting Windows Flaw as Zero-Day appeared first on SecurityWeek.
Google has released fixes for a bucketload of Android security vulnerabilities, including a FreeType flaw (CVE-2025-27363) that “may be under limited, targeted exploitation.” About CVE-2025-27363 CVE-2025-27363 is an out of bounds ...
