Application Security News and Articles
With the latest Windows 11 update, Microsoft is saying goodbye to the infamous “Blue Screen of Death” and has enabled the quick machine recovery feature by default for Home users. “For nearly four decades, the blue screen shown ...
The suspected administrator of xss.is, one of the world’s most influential Russian-speaking cybercrime forums, was arrested in Kyiv, Ukraine, on 22 July. The takedown followed a long-running investigation led by the French Police and Paris ...
Bitdefender expanded support for Facebook and Instagram for Bitdefender Security for Creators, a dedicated cybersecurity solution for digital content creators, social media influencers, and online creatives. With this expansion, the service ...
AI voice clones can impersonate people in a way that Altman said is increasingly “indistinguishable from reality” and will require new methods for verification.
The post OpenAI’s Sam Altman Warns of AI Voice Fraud Crisis in Banking appeared ...
PlexTrac launched enhanced Workflow Automation Engine, a major product update designed to standardize workflows across the vulnerability lifecycle, automate pentest findings delivery, accelerate time to remediation, and increase operational ...
BforeAI today disclosed the discovery of a phishing campaign that is leveraging the same core infrastructure to spoof multiple domains.
The post BforeAI Identifies Phishing Campaign Using Same Infrastructure Across Multiple Domains appeared first ...
Experts unpack the risks of trusting agentic AI, arguing that fallibility, hype, and a lack of transparency demand caution—before automation outpaces our understanding.
The post Should We Trust AI? Three Approaches to AI Fallibility appeared ...
French authorities announced that an alleged admin of XSS.is, one of the longest-running cybercrime forums, has been arrested in Ukraine.
The post France Says Administrator of Cybercrime Forum XSS Arrested in Ukraine appeared first on SecurityWeek.
Critics warn that a ban on ransomware payments may lead to dangerous unintended consequences, including forcing victims into secrecy or incentivizing attackers to shift tactics.
The post UK’s Ransomware Payment Ban: Bold Strategy or Dangerous ...
Akamai’s analysis of the Coyote malware revealed that it abuses Microsoft’s UIA accessibility framework to obtain data.
The post Coyote Banking Trojan First to Abuse Microsoft UIA appeared first on SecurityWeek.
One or more vulnerabilities affecting Cisco Identity Services Engine (ISE) are being exploited in the wild, Cisco has confirmed by updating the security advisory for the flaws. About the vulnerabilities The three vulnerabilities affect ...
The US government has issued an alert on the Interlock ransomware, which targets organizations via drive-by download attacks.
The post Organizations Warned of Interlock Ransomware Attacks appeared first on SecurityWeek.
Sophos has patched five vulnerabilities in Sophos Firewall that could allow remote attackers to execute arbitrary code.
The post Critical Vulnerabilities Patched in Sophos Firewall appeared first on SecurityWeek.
A new phishing campaign is targeting users of the U.S. Department of Education’s G5 portal, a site used by educational institutions and vendors to manage grants and federal education funding. Threat researchers at BforeAI uncovered a cluster of ...
Fresh security updates for Chrome and Firefox resolve multiple high-severity memory safety vulnerabilities.
The post High-Severity Flaws Patched in Chrome, Firefox appeared first on SecurityWeek.
The Lumma Stealer is back after Microsoft and law enforcement took action to significantly disrupt the malware’s infrastructure.
The post Lumma Stealer Malware Returns After Takedown Attempt appeared first on SecurityWeek.
Cisco says it is aware of attempted exploitation of critical ISE vulnerabilities leading to unauthenticated remote code execution.
The post Hackers Start Exploiting Critical Cisco ISE Vulnerabilities appeared first on SecurityWeek.
CISA has added two recent SysAid vulnerabilities, CVE-2025-2776 and CVE-2025-2775, to its KEV catalog.
The post CISA Warns of SysAid Vulnerability Exploitation appeared first on SecurityWeek.
Akeyless launched NHI Federation, a solution that delivers Single Sign-On (SSO) for machines. As organizations increasingly operate workloads across on-premises and multi-cloud environments, platform and security teams face growing challenges in ...
ManageEngine announced identity risk exposure management and local user MFA features in AD360, its converged identity and access management (IAM) platform. The release enables security teams to detect privilege escalation risks and secure ...
