Application Security News and Articles
Base44 owner Wix quickly patched a critical authentication bypass vulnerability discovered by researchers at Wiz.
The post Flaw in Vibe Coding Platform Base44 Exposed Private Enterprise Applications appeared first on SecurityWeek.
Minnesota Governor Tim Walz called in the National Guard to assist the City of Saint Paul in responding to a cyberattack.
The post Minnesota Activates National Guard in Response to Cyberattack appeared first on SecurityWeek.
Protecting Programmatic API Endpoints Before It’s Too Late: The explosive growth of APIs in your global enterprise suggests that you’re probably missing a critical security gap. And you’re not alone. With 25% of businesses reporting that the ...
Discover the essential principles of Ethical AI, including fairness, transparency, privacy, and accountability. Learn how organizations can navigate AI ethics and build responsible, human-centered systems.
The post Ethical AI: What Is It & Key ...
Tonic Security has emerged from stealth mode to tackle the complexity of exposure and vulnerability management.
The post Tonic Security Launches With $7 Million in Seed Funding appeared first on SecurityWeek.
Tracked as CVE-2025-6558, the flaw was found in Chrome’s ANGLE and GPU components and was flagged as exploited by Google TAG.
The post Apple Patches Safari Vulnerability Flagged as Exploited Against Chrome appeared first on SecurityWeek.
AI bots, AI scrapers, AI agents—you’ve seen these terms thrown around in product announcements, Hacker News posts, and marketing decks. But behind the hype, what do these bots actually do? And more importantly, how are they changing the fraud ...
Axonius has acquired Cynerio for $100 million in cash and stock to accelerate its expansion into the healthcare market.
The post Axonius Acquires Medical Device Security Firm Cynerio in $100 Million Deal appeared first on SecurityWeek.
Artemis is an open-source modular vulnerability scanner that checks different aspects of a website’s security and translates the results into easy-to-understand messages that can be shared with the organizations being scanned. “The most ...
It’s unsettling to think that our food supply chain could be targeted or that the safety of our food could be compromised. But this is exactly the challenge the agri-food sector is dealing with right now. Despite agriculture’s importance, ...
Identity-based attack paths are behind most breaches today, yet many organizations can’t actually see how those paths form. The 2025 State of Attack Path Management report from SpecterOps makes the case that traditional tools like identity ...
Although 79% of organizations are already running AI in production, only 6% have put in place a comprehensive security strategy designed specifically for AI. As a result, most enterprises remain exposed to threats they are not yet prepared to ...
Corporate boards are adjusting to a more uncertain proxy landscape, according to EY’s 2025 Proxy Season Review. The report highlights four key 2025 proxy season trends shaping governance this year: more oversight of technology, fewer ...
Tea has said about 72,000 images were leaked online in the initial incident, and another 59,000 images publicly viewable in the app from posts, comments and direct messages were also accessed.
The post Tea App Takes Messaging System Offline After ...
Learn how Thales Cyber Services uses Tenable to help customers navigate the maturity levels of the Essential Eight, enabling vulnerability management and staying ahead of cyber threats.
In today’s fast-moving digital world, cyber threats are ...
The security breach of the popular women-only safe-dating app Tea widened over the weekend, when a second database storing 1.1 million DMs between members was compromised. News of the exposure came days after an initial investigation found that a ...
Creator/Author/Presenter: Varun Gurnaney
Our deep appreciation to Security BSides - San Francisco and the Creators/Authors/Presenters for publishing their BSidesSF 2025 video content on YouTube. Originating from the conference’s events held ...
Palo Alto Networks Inc. is in discussions to acquire CyberArk Software for more than $20 billion in one of tech’s biggest deals this year, as vendors scramble to fortify their cybersecurity defenses. Palo Alto Networks could finalize a deal for ...
Vulnerabilities discovered by Binarly in Lenovo devices allow privilege escalation, code execution, and security bypass.
The post Lenovo Firmware Vulnerabilities Allow Persistent Implant Deployment appeared first on SecurityWeek.
For years, primarily driven by regulatory compliance mandates, such as the Sarbanes-Oxley Act of 2002, identity and access management has been treated as a regulatory compliance exercise, rather than the security exercise it should be — and ...