Application Security News and Articles
Adobe patches were also released for medium-severity flaws in After Effects, Audition, Dimension, Experience Manager Screens, FrameMaker, Illustrator, Substance 3D Stager, and Substance 3D Viewer.
The post Adobe Patches Critical Code Execution ...
Patch Tuesday July 2025: Microsoft rolled out fixes for 130 vulnerabilities, including a zero-day in SQL Server.
The post Microsoft Patches 130 Vulnerabilities for July 2025 Patch Tuesday appeared first on SecurityWeek.
The warning came after the department discovered that an impostor attempted to reach out to at least three foreign ministers, a U.S. senator and a governor.
The post Impostor Uses AI to Impersonate Rubio and Contact Foreign and US Officials ...
A stolen copy of Shellter Elite shows how easily legitimate security tools can be repurposed by threat actors when vetting and oversight fail.
The post Legitimate Shellter Pen-Testing Tool Used in Malware Attacks appeared first on SecurityWeek.
An emerging ransomware group that calls itself Bert is quickly evolving after hitting the cybercrime scene in April, targeting both Windows and Linux systems used by organizations in the health care, tech, and other industries in the United ...
With PoC exploits for CVE-2025-5777 (aka CitrixBleed 2) now public and reports of active exploitation of the flaw since mid-June, you should check whether your Citrix NetScaler ADC and/or Gateway instances have been probed and compromised by ...
As organizations rush to adopt agentic AI, security leaders must confront the growing risk of invisible threats and new attack vectors.
The post The Wild Wild West of Agentic AI – An Attack Surface CISOs Can’t Afford to Ignore appeared ...
IBM unveiled Power11 today, a new generation of Power servers built to improve performance across processing, hardware, and virtualization. It’s designed to run reliably both on-site and in IBM’s hybrid cloud. Enterprises in banking, ...
Tosibox launched TosiANTA (Tosibox Advanced Network Traffic Analytics), a solution that redefines comprehensive OT network control for industrial organizations. Redefining control in an era of escalating threats Industrial organizations today ...
SAP has released patches for multiple insecure deserialization vulnerabilities in NetWeaver that could lead to full system compromise.
The post SAP Patches Critical Flaws That Could Allow Remote Code Execution, Full System Takeover appeared first ...
Researchers released technical information and exploit code targeting a critical vulnerability (CVE-2025-5777) in Citrix NetScaler.
The post Exploits, Technical Details Released for CitrixBleed2 Vulnerability appeared first on SecurityWeek.
Aviatrix today committed to building a security fabric that because it will run natively in cloud computing environments will enable cybersecurity teams to streamline workflows in a way that also promises to reduce total costs.
The post Aviatrix ...
As cyberthreats grow more sophisticated, the telecom industry must evolve accordingly and transform its defense posture.
The post Closing the Telecom Security Gap: Proactive AI is the Future appeared first on Security Boulevard.
The Australian airline says a cybercriminal attempted to extort it after customer data was stolen from a contact center.
The post Qantas Hit with Extortion Demand After Data Breach appeared first on SecurityWeek.
On Q-Day, everything we’ve protected with current crypto – from seemingly mundane but confidential data such as email, bank transactions and medical records, to critical infrastructure, and government secrets – all built on a foundation of ...
Until regulators, courts and litigants begin to hold receiving banks accountable, BEC fraud will remain practically immune from deterrence.
The post BEC Frauds – The Missing Link – Your Friendly Neighborhood Bank appeared first on ...
A properly configured WAF is no longer optional but mandatory, providing organizations with real-time protection against evolving web-based threats while ensuring regulatory compliance.
The post Strengthening Compliance: The Role of WAFs in PCI ...
ParrotOS, known for its emphasis on security, privacy, and development, is widely used by cybersecurity professionals and enthusiasts alike. Version 6.4 delivers a host of updates and community-driven enhancements. The update is expected to be ...
In this Help Net Security interview, Dan DeCloss, Founder and CTO at PlexTrac, discusses the role of exposure management in cybersecurity and how it helps organizations gain visibility into their attack surface to improve risk assessment and ...
Sports fans and cybercriminals both look forward to major sporting events, but for very different reasons. Fake ticket sites, stolen login details, and DDoS attacks are common ways criminals try to make money or disrupt an event. Why are sports ...
