Application Security News and Articles
AsyncRAT is an open-source remote access trojan that first appeared on GitHub in 2019. It includes a range of typical RAT capabilities, such as keylogging, screen capture, credential theft, and more. Its simplicity and open-source design have ...
Zip Security’s Series A funding round led by Ballistic Ventures will help the company grow its engineering and go-to-market teams.
The post Zip Security Raises $13.5 Million in Series A Funding appeared first on SecurityWeek.
DragonForce says it stole more than 150 gigabytes of data from US department store chain Belk in a May cyberattack.
The post Ransomware Group Claims Attack on Belk appeared first on SecurityWeek.
The MITRE AADAPT framework provides documentation for identifying, investigating, and responding to weaknesses in digital asset payments.
The post MITRE Unveils AADAPT Framework to Tackle Cryptocurrency Threats appeared first on SecurityWeek.
The account was compromised over the weekend and Elmo’s 650,000 followers were given antisemitic threats and a reference to the Jeffrey Epstein investigation.
The post Sesame Workshop Regains Control of Elmo’s Hacked X Account After Racist ...
For decades, manufacturers and security professionals have been playing a high-stakes game of cat and mouse with counterfeiters. From holograms and QR codes to RFID tags and serial numbers, the industry’s toolkit has evolved, but so have the ...
In this Help Net Security interview, Robert Knoblauch, CISO at Element Fleet Management, discusses how the rise of connected vehicles and digital operations is reshaping fleet management cybersecurity. He points to growing risks like API ...
A growing number of MSPs, MSSPs, and consultancies are moving beyond one-and-done engagements and transforming from tactical vendors into strategic advisors. They’re shifting toward recurring cybersecurity programs that not only improve client ...
After every breach, people ask: How did this happen if there were cybersecurity policies in place? The truth is, just having them doesn’t stop attacks. They only work if people know them and follow them when it matters. That’s where things ...
Application Penetration Tester Tata Consultancy Services | Ireland | Hybrid – View job details As an Application Penetration Tester, you will perform in-depth manual testing of web applications and APIs. You’ll work with clients ...
MITRE has introduced AADAPT (Adversarial Actions in Digital Asset Payment Technologies), a new cybersecurity framework designed to tackle vulnerabilities in digital financial ecosystems, including cryptocurrency platforms. Modeled after the MITRE ...
As organizations continue to deploy AI, security professionals find themselves confronting critical gaps in their level of preparedness, according to F5's 2025 State of AI Application Strategy Report.
The post Survey Finds AI Adoption Outpacing ...
A vulnerability affecting systems named End-of-Train and Head-of-Train can be exploited by hackers to cause trains to brake.
The post Train Hack Gets Proper Attention After 20 Years: Researcher appeared first on SecurityWeek.
CISA considers the recently disclosed CitrixBleed 2 vulnerability an unacceptable risk and has added it to the KEV catalog.
The post CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA appeared first on SecurityWeek.
Google Gemini for Workspace can be tricked into displaying a phishing message when asked to summarize an email.
The post Google Gemini Tricked Into Showing Phishing Message Hidden in Email appeared first on SecurityWeek.
With two proof-of-concept (PoC) exploits made public late last week, CVE-2025-25257 – a critical SQL command injection vulnerability in Fortinet’s FortiWeb web application firewall – is expected to be leveraged by attackers ...
Blumira launched new features and capabilities designed to help IT teams and managed service providers (MSPs) work smarter, reduce alert fatigue and simplify compliance reporting. With these updates, Blumira continues its mission to deliver ...
Stellar Cyber released version 6.0.0 of its award-winning open and unified SecOps Platform, introducing new AI-driven capabilities and workflow enhancements designed to propel organizations further along their journey to a human-augmented ...
The Interlock ransomware group has partnered with the KongTuke TDS to distribute a new RAT variant via FileFix attacks.
The post New Interlock RAT Variant Distributed via FileFix Attacks appeared first on SecurityWeek.
Vulnerabilities in Gigabyte firmware implementations could allow attackers to disable Secure Boot and execute code during the early boot phase.
The post Flaws in Gigabyte Firmware Allow Security Bypass, Backdoor Deployment appeared first on ...
