Application Security News and Articles
Author/Presenter: Dino Dai Zovi
Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the ...
A massive nonprofit hospital network in Ohio, 14 medical centers strong, brought to its knees by cybercriminals—likely the gang behind the Interlock ransomware. Elective surgeries were canceled. Outpatient appointments ...
AI-powered code is developing so fast that security defenses can't keep up, leaving new vulnerabilities in its wake. The speed is outstripping traditional security measures, demanding immediate and radical changes to organizational risk ...
The cybersecurity landscape is undergoing a transformation so profound it can only be described as a seismic shift. We are witnessing the ground rules of digital defense being actively rewritten by the rapid emergence of autonomous AI agents, ...
Articles related to cyber risk quantification, cyber risk management, and cyber resilience.
The post Elevating the CISO to Business Enabler With CRQ | Kovrr appeared first on Security Boulevard.
As organizations rely more heavily on open source components, software composition analysis (SCA) has become essential for identifying risks. But visibility alone is not enough. What turns insight into action is effective policy management: the ...
By Christy Lynch. This post summarizes the June 4, 2025 threat intelligence update from Google and offers additional recommendations from Reveal Security based on similar and recently observed attack patterns targeting SaaS applications and cloud ...
Better Active Directory security with Enzoic 3.6: Real-time password feedback. CrowdStrike SIEM integration. Clearer credential risk insights.
The post Introducing Enzoic for Active Directory 3.6 appeared first on Security Boulevard.
Bitdefender announced GravityZone Compliance Manager, a new addition to its GravityZone platform that helps organizations reduce the burden of compliance and streamline audit readiness. Designed specifically for today’s complex regulatory ...
Dynatrace is accelerating the generational shift in enterprise software development by extending the Dynatrace platform with agentic AI capabilities. Designed to predict and prevent disruptions, protect systems and data, and optimize operations ...
A threat actor has been creating backdoored open source malware repositories to target novice cybercriminals and game cheaters.
The post Backdoored Open Source Malware Repositories Target Novice Cybercriminals appeared first on SecurityWeek.
Today, we're announcing our $12 million Series A led by Madrona. This funding represents more than capital—it validates our solution to what I call the 'last mile problem' in application security.
Here's a scenario every security professional ...
Cellebrite and Corellium, whose names have been mentioned in spyware stories, are joining forces to provide advanced investigative solutions.
The post Controversial Firms Cellebrite and Corellium Announce $200 Million Acquisition Deal appeared ...
Sagar Steven Singh and Nicholas Ceraolo, members of the Vile group, get prison sentences for identity theft and hacking.
The post Men Who Hacked Law Enforcement Database for Doxing Sentenced to Prison appeared first on SecurityWeek.
Researchers have discovered and analyzed a ClickFix attack that uses a fake Cloudflare ‘humanness’ check.
The post ClickFix Attack Exploits Fake Cloudflare Turnstile to Deliver Malware appeared first on SecurityWeek.
Many educators are talking about artificial intelligence (AI). Some note its advanced and evolving educational capabilities. Others express hesitancy as AI poses notable risks to online safety. One key risk for K-12 schools is AI-driven ...
Play ransomware attacks have hit roughly 900 organizations and recently involved the exploitation of SimpleHelp vulnerabilities.
The post FBI Aware of 900 Organizations Hit by Play Ransomware appeared first on SecurityWeek.
Authorities seized 145 domains associated with BidenCash, a marketplace for stolen credit cards and personal information.
The post Carding Marketplace BidenCash Shut Down by Authorities appeared first on SecurityWeek.
Meet Escape Copilot. Powered by the MCP over the Escape Public API, it helps you boost productivity and get more done with less context switching inside Escape.
The post Meet Escape Copilot: Automate App and Scan Management via MCP appeared first ...
Lee Enterprises has completed its investigation into the recent ransomware attack and confirmed that a data breach occurred.
The post Lee Enterprises Says 40,000 Hit by Ransomware-Caused Data Breach appeared first on SecurityWeek.