Application Security News and Articles
Author/Presenter: Carlos Gonçalves
Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany Suites & Casino; ...
Noteworthy stories that might have slipped under the radar: surge in cyberattacks between India and Pakistan, Radware cloud WAF vulnerabilities, xAI key leak.
The post In Other News: India-Pakistan Cyberattacks, Radware Vulnerabilities, xAI Leak ...
Model Context Protocol is doing for AI what USB did for hardware and HTTP did for the web—creating a universal standard that exponentially expands capabilities. Understand how this innovation allows AI systems to access specialized tools ...
Supply chain attack compromises the popular rand-user-agent NPM package to deploy and activate a backdoor.
The post Popular Scraping Tool’s NPM Package Compromised in Supply Chain Attack appeared first on SecurityWeek.
RSAC 2025 revealed that AI agents are reshaping trust and identity. Learn what top CISOs are doing about it and how the conversation about NHI governance is evolving.
The post RSA Conference 2025: How Agentic AI Is Redefining Trust, Identity, and ...
VMS firm Valsoft Corporation says the personal information of over 160,000 people was compromised in a February 2025 data breach.
The post 160,000 Impacted by Valsoft Data Breach appeared first on SecurityWeek.
Recognized as one of Australia’s Best Workplaces™ in Technology for third year in a row.
The post Kasada Ranks #4 Among Australia’s Best Technology Employers in 2025 appeared first on Security Boulevard.
A clever malware campaign delivering the novel Noodlophile malware is targeting creators and small businesses looking to enhance their productivity with AI tools. But, in an unusual twist, the threat actors are not disguising the malware as ...
Three NPM packages posing as developer tools for Cursor AI code editor’s macOS version contain a backdoor.
The post Malicious NPM Packages Target Cursor AI’s macOS Users appeared first on SecurityWeek.
Sightline Security’s founder explains why nonprofits need cybersecurity solutions tailored to their unique missions — and why vendors need to listen.
The post Rising Tides: Kelley Misata on Bringing Cybersecurity to Nonprofits appeared first ...
Are we truly prepared for what’s coming? Amidst the ongoing geopolitical tensions and the risk of a full-scale conflict, every organization must ask itself this question. In an era where cyberattacks often accompany geopolitical unrest, the ...
The affiliate panel of the infamous LockBit Ransomware-as-a-Service (RaaS) group has been hacked and defaced, showing a link to a MySQL database dump ostensibly containing leaked data relating to the group’s operations: The defaced dark web ...
It usually starts small—a missed phish here, a lost customer email in the quarantine abyss. Maybe a few grumbles from your support team about never-ending rule updates. At first, you let it slide. You think, 'That’s just how it goes'; you ...
Hundreds of SAP NetWeaver instances hacked via a zero-day that allows remote code execution, not only arbitrary file uploads, as initially believed.
The post SAP Zero-Day Targeted Since January, Many Sectors Impacted appeared first on SecurityWeek.
VC firm Insight Partners is informing partners and employees that their information was exposed in the January 2025 cyberattack.
The post Company and Personal Data Compromised in Recent Insight Partners Hack appeared first on SecurityWeek.
Chrome and Safari are the most popular browser apps, accounting for 90% of the mobile browsers market share, according to Surfshark. They also collect the most data. Chrome: the most data-hungry browser (Source: Surfshark) The most data-hungry ...
Struggling with "recipient address rejected: access denied"? Understand SMTP 550 5.7.1 errors and how to fix this email bounce issue step by step.
The post Recipient Address Rejected: Access Denied – Causes & Fixes (SMTP 550 5.7.1) appeared ...
Private messages, Bitcoin addresses, victim data, and attacker information were leaked after someone hacked a LockBit admin panel.
The post Valuable Information Leaked in LockBit Ransomware Hack appeared first on SecurityWeek.
Introduction A well-known organisation called SolarWinds was attacked in September 2019. In this attack, a hacker used a supply chain attack to inject malicious code into the system. More than 18,000 SolarWinds customers installed Updates ...
VicOne announced xAurient, a new automotive threat intelligence platform that enables streamlined threat response by delivering early threat intelligence tailored to the particular manufacturing environment of an original equipment manufacturer ...
