Application Security News and Articles
California Consumer Privacy Act (CCPA): CCPA and CPRA, Simplified On July 1, 2025, the California Attorney General settled with Healthline for $1.55 million, the highest CCPA-related fine to date, citing...
The post Everything You Need to Know ...
Here’s a look inside Black Hat USA 2025. The featured vendors are: Stellar Cyber, Vonahi Security, Gurucul, Check Point, HackerOne, EasyDMARC, Elastic, Google, Tines, Veracode, VioletX, Pentera, Keep Aware, Oleria, SpyCloud, and Picus ...
From the floor at #BlackHat2025: Cybersecurity has the blinking lights, but this year it also has blood in the water, writes Alan.
The post Has Cyber Been Infected With the Economic Malaise? appeared first on Security Boulevard.
In this Help Net Security interview, Jordan Avnaim, CISO at Entrust, discusses how to communicate the quantum computing threat to executive teams using a risk-based approach. He explains why post-quantum cryptography (PQC) is an urgent and ...
First comes swiping, then comes… scams? Online dating can lead to lasting love, but it can also open the door to heartbreak, fraud, and safety risks. Here’s what to watch out for so you can date smarter and safer.
The post Match or trap? ...
Cybercriminals are deploying unidentifiable phishing kits (58% of phishing sites) to propagate malicious campaigns at scale, indicating a trend towards custom-made or obfuscated deployments, according to VIPRE Security. These phishing kits ...
Elastic AI SOC Engine (EASE) is a new serverless, easy-to-deploy security package that brings AI-driven context-aware detection and triage into existing SIEM and EDR tools, without the need for an immediate migration or replacement. EASE delivers ...
While GenAI excels at producing functional code, it introduces security vulnerabilities in 45 percent of cases, according to Veracode’s 2025 GenAI Code Security Report, which analyzed code produced by over 100 LLMs across 80 real-world coding ...
Many of America’s largest energy providers are exposed to known and exploitable vulnerabilities, and most security teams may not even see them, according to a new report from SixMap. Researchers assessed the external attack surface of 21 major ...
Austin, TX, Aug. 6, 2025, CyberNewswire: SpyCloud, the leader in identity threat protection, today announced a significant enhancement to its SaaS Investigations solution: the integration of advanced AI-powered insights that mirror the tradecraft ...
Overview Recently, NSFOCUS CERT detected that Cursor issued a security bulletin and fixed the Cursor remote code execution vulnerability (CVE-2025-54135); Because Cursor allows files to be written to the workspace without user approval, when an ...
Over 39 million secrets were leaked on GitHub in 2024. Discover why most teams fail at secrets management and how lifecycle-aware practices can help.
The post Why the lifecycle of secrets defines your security posture appeared first on Security ...
Why a secrets management strategy is now critical for modern security.
The post Secrets Management Fireside Chat: Doppler, Financial Times, BODi, and Secureframe appeared first on Security Boulevard.
Zenity has shown how AI assistants such as ChatGPT, Copilot, Cursor, Gemini, and Salesforce Einstein can be abused using specially crafted prompts.
The post Major Enterprise AI Assistants Can Be Abused for Data Theft, Manipulation appeared first ...
CyberArk has patched several vulnerabilities that could be chained for unauthenticated remote code execution.
The post Enterprise Secrets Exposed by CyberArk Conjur Vulnerabilities appeared first on SecurityWeek.
Project Red Hook is a Homeland Security Investigations operation examining how Chinese Organized Crime is committing wholesale Gift Card Fraud by using Chinese illegal immigrants to steal gift cards, reveal their PIN, reseal the cards, and return ...
Palo Alto Networks this week revealed it is providing early access to an application security posture management (ASPM) module for its Cortex security platform as part of a larger effort to streamline cybersecurity workflows. The Cortex Cloud ...
Redefining Cybersecurity with NHI Innovation and Secrets Management Are you aware of the revolutionary changes taking place in cybersecurity and data management? Transforming digital calls for a ground-breaking approach to managing security ...
Is Your Secrets Vault Ensuring Optimal Data Protection? Securing Non-Human Identities (NHIs) and their accompanying secrets requires robust cybersecurity measures. NHIs, essentially machine identities, are a crucial part of cybersecurity ...
Are Your Cybersecurity Measures Keeping Up With the Digital Age? Data protection has become a paramount concern for most organizations. However, the question remains, is your data truly protected? If you are in doubt, we are going to delve into ...
