Application Security News and Articles
With two proof-of-concept (PoC) exploits made public late last week, CVE-2025-25257 – a critical SQL command injection vulnerability in Fortinet’s FortiWeb web application firewall – is expected to be leveraged by attackers ...
Blumira launched new features and capabilities designed to help IT teams and managed service providers (MSPs) work smarter, reduce alert fatigue and simplify compliance reporting. With these updates, Blumira continues its mission to deliver ...
Stellar Cyber released version 6.0.0 of its award-winning open and unified SecOps Platform, introducing new AI-driven capabilities and workflow enhancements designed to propel organizations further along their journey to a human-augmented ...
The Interlock ransomware group has partnered with the KongTuke TDS to distribute a new RAT variant via FileFix attacks.
The post New Interlock RAT Variant Distributed via FileFix Attacks appeared first on SecurityWeek.
Vulnerabilities in Gigabyte firmware implementations could allow attackers to disable Secure Boot and execute code during the early boot phase.
The post Flaws in Gigabyte Firmware Allow Security Bypass, Backdoor Deployment appeared first on ...
Louis Vuitton customers in the UK, South Korea, Turkey and possibly other countries are being notified of a data breach.
The post Louis Vuitton Data Breach Hits Customers in Several Countries appeared first on SecurityWeek.
Attackers are using public models and automation tools to generate malware that is unique to every campaign. It doesn't look like anything we've seen before.
The post Rethinking Defense in the Age of AI-Generated Malware appeared first on ...
Modern AI attacks require runtime guardrails capable of spanning application, container and node/host runtime environments comprehensively.
The post Security in the Era of AI-speed Exploits appeared first on Security Boulevard.
Two Gravity Forms WordPress plugin versions available on the official download page were injected with malware in a supply chain attack.
The post Hackers Inject Malware Into Gravity Forms WordPress Plugin appeared first on SecurityWeek.
An AI hiring bot intended to streamline the job application process has instead created a super-sized privacy headache for McDonald’s.
The post McDonald’s Hiring Bot: Would You Like A Side of PII With That? appeared first on Security ...
In this Help Net Security interview, Gail Hodges, Executive Director at the OpenID Foundation, discusses how the Foundation ensures global consistency in FAPI 2.0 implementations and helps different industries, including healthcare, adopt secure ...
pqcscan is an open-source tool that lets users scan SSH and TLS servers to see which Post-Quantum Cryptography (PQC) algorithms they claim to support. It saves the results in JSON files. You can turn one or more of these files into an HTML report ...
Discover how Bitdefender PHASR enables organizations to identify and remediate security misconfigurations before attackers can exploit them. This demo walks through PHASR’s proactive hardening capabilities, showing how it transforms visibility ...
60% of organizations rate their Microsoft 365 security as “established” or “advanced”, according to CoreView. Yet, 60% of those same organizations have experienced account compromise attacks. The Microsoft 365 attack surface is wide and ...
WatchGuard has released its latest Internet Security Report, covering malware, network, and endpoint threats spotted by its Threat Lab in the first quarter of 2025. The report shows a 171% jump in unique malware detections compared to the ...
A new report from Zendesk outlines a growing problem for companies rolling out AI tools: many aren’t ready to manage the risks. The AI Trust Report 2025 finds that while AI is moving into customer service and support, only 23% of companies feel ...
Investigators from HMRC joined more than 100 Romanian police officers to arrest the 13 Romanian suspects in the counties of Ilfov, Giurgiu and Calarasi.
The post Thirteen Romanians Arrested for Phishing the UK’s Tax Service appeared first on ...
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes critical wormable Windows flaw (CVE-2025-47981) For July 2025 Patch Tuesday, Microsoft has released patches for 130 ...
The latest release of the xAI LLM, Grok-4, has already fallen to a sophisticated jailbreak.
The post Grok-4 Falls to a Jailbreak Two days After Its Release appeared first on SecurityWeek.
An analysis of cyberattacks shared this week by Watchguard Technologies finds there was a 171% increase in total unique network malware detections and a 712% increase in endpoint detections in the first quarter of 2025 compared with the previous ...
