Application Security News and Articles
Cervantes is an open-source collaborative platform built for pentesters and red teams. It offers a centralized workspace to manage projects, clients, vulnerabilities, and reports, all in one place. By streamlining data organization and team ...
Phishing is one of the oldest and most effective scams used by cybercriminals. No one is immune to them, not even internet security experts, as seen in the case of Troy Hunt, who recently fell for a phishing email. Before AI became mainstream, ...
A new policy brief from NATO’s Cooperative Cyber Defence Centre of Excellence (CCDCOE) warns that critical port infrastructure, responsible for 80 percent of global trade, is increasingly under attack by threat actors tied to Russia, Iran, and ...
Fraud is growing faster than revenue in eCommerce. That’s one of the first things PwC and Forter point out in their new report, and it’s a wake-up call for online retailers. Fraud is rising faster than ever Right now, eCommerce leaders are ...
Akamai researchers today disclosed they have discovered a variant of Coyote malware that extracts specific banking and cryptocurrency exchanges by compromising the UI Automation (UIA) framework developed by Microsoft.
The post Akamai Identifies ...
Microsoft says the Chinese threat actors Linen Typhoon, Violet Typhoon, and Storm-2603 have been exploiting the ToolShell zero-days.
The post Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch appeared first on SecurityWeek.
An analysis published today by ReliaQuest finds the number of exposed ports through which cybercriminals can gain access to IT environments has increased to 131 in the first half of 2025, a 27% increase.
The post Analysis Finds 131 Vulnerable ...
Once a manageable function, security operations has become a battlefield of complexity.
The post Reclaiming Control: How Enterprises Can Fix Broken Security Operations appeared first on SecurityWeek.
As Microsoft puts the final patch in place, a growing number of hackers, including several China state-sponsored threat groups, are quickly pushing forward to exploit the security flaws that will allow them compromise on-premises SharePoint ...
As Microsoft continues to update its customer guidance for protecting on-prem SharePoint servers against the latest in-the-wild attacks, more security firms have begun sharing details about the ones they have detected. Most intriguingly, Check ...
Dell confirms the compromise of a demo environment containing synthetic data after hackers leak allegedly stolen information.
The post Dell Says Data Leaked by Hackers Is Fake appeared first on SecurityWeek.
Malwarebytes announced the expansion of its ThreatDown product family with the launch of a new email security module designed to combat email-based threats. ThreatDown Email Security, powered by IRONSCALES‘ adaptive AI technology, extends ...
Several potentially serious vulnerabilities were recently found and patched in routers made by Germany-based industrial and automation solutions provider Helmholz. The existence of the security holes came to light last week, when Germany’s ...
CYE launched its new AI Agent, CYE AI. The addition of this conversational AI assistant enables organizations to understand, prioritize, and act on their unique cyber risk from day one. In the growing threat landscape, where threat actors can ...
Seemplicity unveiled a major product release packed with AI-powered capabilities to cut through noise, facilitate fixing teams, and reduce time to remediation. This latest release introduces AI Insights, Detailed Remediation Steps, and Smart ...
BitRaser launched its Integrated Mac Eraser and Diagnostics Tool, a software designed to streamline IT asset disposition (ITAD) processes. The tool allows ITAD providers to simultaneously perform secure data erasure and comprehensive hardware ...
AI-powered cybersecurity company Darktrace has acquired network traffic visibility provider Mira Security.
The post Darktrace Acquires Mira Security appeared first on SecurityWeek.
Seemplicity today added artificial intelligence (AI) capabilities to its platform for managing cybersecurity remediations that promise to make teams more efficient.
The post Seemplicity Leverages AI to Optimize Cybersecurity Remediation Efforts ...
Dior says hackers accessed personal information in a January 2025 intrusion. No payment information was compromised.
The post Dior Says Personal Information Stolen in Cyberattack appeared first on SecurityWeek.
The UK government has sanctioned three Russian APTs and 18 individuals for their involvement in cyber operations against Ukraine, NATO allies, and EU.
The post UK Sanctions Russian Hackers Tied to Assassination Attempts appeared first on ...
