Application Security News and Articles
Exploring whether an AI language model (Grok 3, built by xAI) could be induced to create a tool with potential illegal applications, despite its ethical guidelines, and how contradictions in its responses could be exposed through contextual ...
Resilience launched Cyber Risk Calculator to provide organizations with a financial snapshot of their cyber risk. The AI-powered tool provides security and risk practitioners and C-Suite executives alike with a common, data-driven language to ...
SecuX launched hardware-based cybersecurity solution tailored for small and medium-sized businesses (SMBs). At the core is Cyber Athena, an enterprise-grade cold wallet that integrates PUF-based authentication via PUFido and PUFhsm hardware ...
Ivanti has released patches for two EPMM vulnerabilities that have been chained in the wild for remote code execution.
The post Ivanti Patches Two EPMM Zero-Days Exploited to Hack Customers appeared first on SecurityWeek.
Industrial giants Siemens, Schneider Electric and Phoenix Contact have released ICS security advisories on the May 2025 Patch Tuesday.
The post ICS Patch Tuesday: Vulnerabilities Addressed by Siemens, Schneider, Phoenix Contact appeared first ...
LastPass has announced the general availability of SaaS Monitoring. This new capability empowers organizations of all sizes to gain visibility into their Software-as-a-Service ecosystem, reduce risk from Shadow IT and Shadow AI, and optimize ...
In this Help Net Security interview, Carrie Mills, VP and CISO, Southwest Airlines talks about the cybersecurity challenges facing the aviation industry. She explains how being part of critical infrastructure, a major consumer brand, and an ...
Insider risk is not just about bad actors. Most of the time, it’s about mistakes. Someone sends a sensitive file to the wrong address, or uploads a document to their personal cloud to work from home. In many cases, there is no ill intent, ...
Cerbos is an open-source solution designed to simplify and modernize access control for cloud-native, microservice-based applications. Instead of hardcoding authorization logic into your application, Cerbos lets you write flexible, context-aware ...
The European Union Agency for Cybersecurity (ENISA) has unveiled the European Vulnerability Database (EUVD), an initiative under the NIS2 Directive aimed at enhancing digital security across the EU. The database serves as a centralized repository ...
The fall of two of the most dominant ransomware syndicates, LockBit and AlphV, triggered a power vacuum across the cybercriminal landscape, acccording to a Black Kite survey. In their place, dozens of new actors emerged, many of them lacking the ...
Santa Clara, Calif. May 14, 2025 – Recently, Gartner released the “Market Guide for Cloud Web Application and API Protection”[1], and NSFOCUS was selected as a Representative Vendor with its innovative WAAP solution. We believe this ...
Cary, NC, May 13, 2025, CyberNewswire –Fresh from a high-impact presence at RSAC 2025, where INE Security welcomed thousands of visitors to its interactive booth at San Francisco’s Moscone Center, the global cybersecurity training and ...
Remote code execution vulnerability in a popular mobile device management solution from Ivanti has been exploited in the wild in limited attacks
Background
On May 13, Ivanti released a security advisory to address a high severity remote code ...
Is Your Secrets Management Strategy Straining Your Budget? Organizations are on the lookout for budget-friendly secrets management solutions that provide robust security without causing financial strain. I believe that a comprehensive Non-Human ...
Why is the Strategic Management of NHIs Essential? How do we ensure that our cybersecurity measures keep pace? Non-Human Identities (NHIs) present a unique challenge, as they require a different approach to securing their secrets. This task can ...
How Does Proactive Non-Human Identity Management Keep You Ahead? Cybersecurity, for years, has been placing humans at the center of the identity universe. But have you considered the indispensable role of Non-Human Identities (NHIs) in your ...
Are You Maximizing the Potential of Your IAM Strategies? Effective data management requires a nuanced understanding of advanced Identity and Access Management (IAM) strategies. Where cyber threats are evolving at a rapid pace, an organization’s ...
On May 2025 Patch Tuesday, Microsoft has released security fixes for 70+ vulnerabilities, among them five actively exploited zero-days and two publicly disclosed (but not exploited) vulnerabilities. The zero-days and the publicly disclosed flaws ...
Adobe Patch Tuesday headlined by a major Adobe ColdFusion update patching a wide swatch of code execution and privilege escalation attacks.
The post Adobe Patches Big Batch of Critical-Severity Software Flaws appeared first on SecurityWeek.
