Application Security News and Articles


The Early Stage Growth Trap: How Smart Startups Escape the Marketing Catch-22

Early stage startups face a brutal dilemma: you need marketing expertise and budget to grow, but lack both. Discover how programmatic SEO breaks this cycle by automating top-of-funnel growth and building long-term SEO authority for B2B SaaS ...

In Other News: Norway Dam Hacked, $177M Data Breach Settlement, UNFI Attack Update

Noteworthy stories that might have slipped under the radar: Norwegian dam hacked, AT&T agrees to $177 million data breach settlement, Whole Foods distributor restores systems after attack.

When Infostealer Frontiers Meet Identity-Centric Defense: Lessons from BSides SATX 2025

From malware markets to IAM frameworks, BSides SATX 2025 showed why modern security must evolve from static protection to identity-centric, adaptive defense.

Cybersecurity Snapshot: U.S. Gov’t Urges Adoption of Memory-Safe Languages and Warns About Iran Cyber Threat

Check out the U.S. government’s latest call for developers to use memory-safe programming languages, as well as its warning for cybersecurity teams regarding cyber risk from hackers tied to Iran. Plus, get the latest on ransomware trends, the ...

Fake account creation attacks: anatomy, detection, and defense

Fake account creation is one of the most persistent forms of online abuse. What used to be a fringe tactic (bots signing up to post spam) has become a scaled, repeatable attack. Today’s fake account farms operate with disposable identities, ...

Microsoft to Preview New Windows Endpoint Security Platform After CrowdStrike Outage

Microsoft is preparing a private preview of new Windows endpoint security platform capabilities to help antimalware vendors create solutions that run outside the kernel.

The Age of Integrity

We need to talk about data integrity. Narrowly, the term refers to ensuring that data isn’t tampered with, either in transit or in storage. Manipulating account balances in bank databases, removing entries from criminal records, and murder by ...

Navigating a Heightened Cyber Threat Landscape: Military Conflict Increases Attack Risks

The current geopolitical climate demands a proactive, comprehensive approach to cybersecurity. Here’s what you need to know — and how Tenable can help. The cybersecurity landscape is in constant flux, but rarely do we see such a rapid ...

How to Protect Your Drupal Site From Cyberattacks

If you do the basics right — update regularly, control permissions and protect logins — you’ll already be ahead of most sites on the web. The post How to Protect Your Drupal Site From Cyberattacks appeared first on Security Boulevard.

The MSP M&A Surge: How to Prepare for All Possibilities

A Market in Transformation: The managed services M&A market is seeing a big jump in activity. Every week, I hear from partners navigating mergers, private equity deals, or strategic exits. According to MSP Business Insights, M&A activity ...

Frequently Asked Questions About Iranian Cyber Operations

Tenable’s Research Special Operations team focuses on some frequently asked questions about Iranian cyber operations, including the tactics, techniques and procedures employed by Iran-based threat actors. Background: Tenable’s Research Special ...

RevEng.ai Raises $4.15 Million to Secure Software Supply Chain

RevEng.ai has raised $4.15 million in seed funding for an AI platform that automatically detects malicious code and vulnerabilities in software. The post RevEng.ai Raises $4.15 Million to Secure Software Supply Chain appeared first on SecurityWeek.

How to Keep Client Data Safe in a World Full of Online Threats

Businesses, big or small, must prioritize data security not only to maintain trust but also to stay compliant with evolving regulations. This article explores practical, actionable strategies to safeguard client information, including encryption, ...

Chinese Hackers Target Chinese Users With RAT, Rootkit

China-linked Silver Fox hacking group is targeting Chinese users with fake installers carrying a RAT and a rootkit. The post Chinese Hackers Target Chinese Users With RAT, Rootkit appeared first on SecurityWeek.

What Makes an AI Driven Pentesting Tool a Must Have in 2025

AI-driven penetration testing tools are rapidly transforming the landscape of modern cybersecurity. These advanced tools leverage artificial intelligence to help security teams detect, analyze, and mitigate vulnerabilities more efficiently. ...

Evidence Suggests Exploitation of CitrixBleed 2 Vulnerability

The Citrix NetScaler vulnerability tracked as CitrixBleed 2 and CVE-2025-5777 may be exploited in the wild for initial access. The post Evidence Suggests Exploitation of CitrixBleed 2 Vulnerability appeared first on SecurityWeek.

NSFOCUS APT Monthly Briefing – May 2025

Regional APT Threat Situation: In May 2025, the global threat hunting system of Fuying Lab discovered a total of 44 APT attack activities. These activities are mainly distributed in South Asia, Eastern Europe, East Asia, West Asia, Southeast Asia ...

Vulnerability Exposed All Open VSX Repositories to Takeover

A vulnerability in the extension publishing mechanism of Open VSX could have allowed attackers to tamper with any repository. The post Vulnerability Exposed All Open VSX Repositories to Takeover appeared first on SecurityWeek.

Microsoft 365 Direct Send Abused for Phishing

Hackers are abusing the Microsoft 365 Direct Send feature to deliver phishing emails that bypass email security controls. The post Microsoft 365 Direct Send Abused for Phishing appeared first on SecurityWeek.

Abstract Security Adds Data Lake to Reduce Storage Costs

Abstract Security this week added a data lake, dubbed LakeVilla, to a portfolio of tools for migrating data between cybersecurity tools to provide a less expensive alternative to a security information event management (SIEM) platform for storing ...