Application Security News and Articles


Not All Multipath Is Created Equal

We live in a world obsessed with speed and reliability. Whether it's streaming our favorite shows, conducting mission-critical business operations, or simply browsing the web, we demand seamless connectivity. This has led to the rise of many ...

Cyberattack Knocks Texas City’s Systems Offline

The city of Abilene, Texas, is scrambling to restore systems that have been taken offline in response to a cyberattack. The post Cyberattack Knocks Texas City’s Systems Offline appeared first on SecurityWeek.

GUEST ESSAY: Ponemon study warns: AI-enhanced deepfake attacks taking aim at senior execs

A new study by the Ponemon Institute points to a concerning use of AI: deepfake attacks are on the rise and are taking a financial and reputational toll on companies and their executives.

Building a Smarter, Safer Grid with IEEE 2030.5 and Certificate Lifecycle Management Automation

The renewable energy landscape is evolving fast—bringing smarter, more sustainable ways to generate, distribute, and use power. At the heart of this transformation is a lesser-known but vital standard: IEEE 2030.5—a foundational protocol that ...

5 Red Team Exercises That Expose Your Real Security Gaps in 2025

Most security tools create a false sense of protection. Explore 5 realistic red team exercises with Notion templates that help you plan tests mirroring sophisticated attackers and identify critical vulnerabilities in your organization.

Perforce Puppet update accelerates vulnerability remediation

Perforce Software announced its latest platform update for Puppet Enterprise Advanced, designed to streamline DevSecOps practices and fortify enterprise security postures. This release incorporates more advanced and proactive remediation options, ...

Getting the Most Value Out of the OSCP: The Exam

A practical guide to maximizing the short- and long-term benefits of your upcoming OSCP exam attempt(s). Disclaimer: All opinions expressed in this article are solely my own. I have reviewed the content to ensure compliance with OffSec’s ...

A Comparative Analysis of Anthropic’s Model Context Protocol and Google’s Agent-to-Agent Protocol

As AI agents transform enterprise technology, two critical protocols are emerging as industry standards: Anthropic's MCP for connecting AI to data sources and Google's A2A for agent collaboration. This analysis breaks down how these frameworks ...

1Password Extends Reach of IAM Platform to AI Agents and Unmanaged Devices

1Password today extended the reach of its Extended Access Management (XAM) platform to include an ability to secure artificial intelligence (AI) agents.

Ketch Data Sentry uncovers hidden privacy risks

Ketch launched Data Sentry, a frontend data map for detecting website privacy risks. Designed for privacy and security teams, Data Sentry provides real-time visibility into website data flows—pinpointing hidden vulnerabilities before they lead ...

Augmented, Not Replaced – Humans Outpace AI in Simbian’s SOC Hackathon Championship – Results and Winners Announced!

Simbian's industry-first AI SOC Hackathon Championship has concluded, bringing with it an exciting glimpse into the future of cybersecurity operations.

ConfusedComposer: A Privilege Escalation Vulnerability Impacting GCP Composer

Tenable Research discovered a privilege-escalation vulnerability in Google Cloud Platform (GCP) that is now fixed and which we dubbed ConfusedComposer. The vulnerability could have allowed an identity with permission ...

Beyond Free Breach-Check Tools

Why Enzoic Delivers Enterprise-Grade Continuous Credential Monitoring. Helpful for Individuals, Not Enough for Enterprises. In recent years, free services like Have I Been Pwned (HIBP) have helped raise awareness around the dangers of password ...

Understanding disposable emails

Disposable email addresses are temporary inboxes that allow users to receive messages without linking the address to a long-term identity. Unlike Gmail or Outlook, which are built for ongoing use and personal association, disposable email ...

Proofpoint Prime unifies multistage attack protection across digital channels

Proofpoint has unveiled the global availability of Proofpoint Prime Threat Protection, the human-centric cybersecurity solution that brings together previously disparate critical threat defense capabilities—protection against multistage attacks ...

SSL.com Scrambles to Patch Certificate Issuance Vulnerability

A vulnerability in SSL.com has resulted in nearly a dozen certificates for legitimate domains being wrongly issued. The post SSL.com Scrambles to Patch Certificate Issuance Vulnerability appeared first on SecurityWeek.

PoC exploit for critical Erlang/OTP SSH bug is public (CVE-2025-32433)

There are now several public proof-of-concept (PoC) exploits for a maximum-severity vulnerability in the Erlang/OTP SSH server (CVE-2025-32433) unveiled last week. “All users running an SSH server based on the Erlang/OTP SSH library are ...

Beyond Firewalls: Why Phishing Demands a People-First, Trust-Centric Response

Phishing attacks are not only more frequent but also more sophisticated, leveraging AI to craft highly convincing messages that bypass traditional security measures.

Survey Surfaces Challenges Securing SaaS Applications

A survey of 420 responses from IT and security professionals finds 86% now view securing software-as-a-service (SaaS) applications as a top priority, with more than three-quarters (76%) having increased budget allocations.

Open Source Security Firm Hopper Emerges From Stealth With $7.6M in Funding

Hopper has emerged from stealth mode with a solution designed to help organizations manage open source software risk. The post Open Source Security Firm Hopper Emerges From Stealth With $7.6M in Funding appeared first on SecurityWeek.