Application Security News and Articles


Navigating a Heightened Cyber Threat Landscape: Military Conflict Increases Attack Risks

The current geopolitical climate demands a proactive, comprehensive approach to cybersecurity. Here’s what you need to know — and how Tenable can help. The cybersecurity landscape is in constant flux, but rarely do we see such a rapid ...

How to Protect Your Drupal Site From Cyberattacks

If you do the basics right — update regularly, control permissions and protect logins — you’ll already be ahead of most sites on the web. The post How to Protect Your Drupal Site From Cyberattacks appeared first on Security Boulevard.

The MSP M&A Surge: How to Prepare for All Possibilities

A Market in Transformation: The managed services M&A market is seeing a big jump in activity. Every week, I hear from partners navigating mergers, private equity deals, or strategic exits. According to MSP Business Insights, M&A activity ...

Frequently Asked Questions About Iranian Cyber Operations

Tenable’s Research Special Operations team focuses on some frequently asked questions about Iranian cyber operations, including the tactics, techniques and procedures employed by Iran-based threat actors. Background: Tenable’s Research Special ...

RevEng.ai Raises $4.15 Million to Secure Software Supply Chain

RevEng.ai has raised $4.15 million in seed funding for an AI platform that automatically detects malicious code and vulnerabilities in software. The post RevEng.ai Raises $4.15 Million to Secure Software Supply Chain appeared first on SecurityWeek.

How to Keep Client Data Safe in a World Full of Online Threats

Businesses, big or small, must prioritize data security not only to maintain trust but also to stay compliant with evolving regulations. This article explores practical, actionable strategies to safeguard client information, including encryption, ...

Chinese Hackers Target Chinese Users With RAT, Rootkit

China-linked Silver Fox hacking group is targeting Chinese users with fake installers carrying a RAT and a rootkit. The post Chinese Hackers Target Chinese Users With RAT, Rootkit appeared first on SecurityWeek.

What Makes an AI Driven Pentesting Tool a Must Have in 2025

AI-driven penetration testing tools are rapidly transforming the landscape of modern cybersecurity. These advanced tools leverage artificial intelligence to help security teams detect, analyze, and mitigate vulnerabilities more efficiently. ...

Evidence Suggests Exploitation of CitrixBleed 2 Vulnerability

The Citrix NetScaler vulnerability tracked as CitrixBleed 2 and CVE-2025-5777 may be exploited in the wild for initial access. The post Evidence Suggests Exploitation of CitrixBleed 2 Vulnerability appeared first on SecurityWeek.

NSFOCUS APT Monthly Briefing – May 2025

Regional APT Threat Situation: In May 2025, the global threat hunting system of Fuying Lab discovered a total of 44 APT attack activities. These activities are mainly distributed in South Asia, Eastern Europe, East Asia, West Asia, Southeast Asia ...

Vulnerability Exposed All Open VSX Repositories to Takeover

A vulnerability in the extension publishing mechanism of Open VSX could have allowed attackers to tamper with any repository. The post Vulnerability Exposed All Open VSX Repositories to Takeover appeared first on SecurityWeek.

Microsoft 365 Direct Send Abused for Phishing

Hackers are abusing the Microsoft 365 Direct Send feature to deliver phishing emails that bypass email security controls. The post Microsoft 365 Direct Send Abused for Phishing appeared first on SecurityWeek.

Abstract Security Adds Data Lake to Reduce Storage Costs

Abstract Security this week added a data lake, dubbed LakeVilla, to a portfolio of tools for migrating data between cybersecurity tools to provide a less expensive alternative to a security information event management (SIEM) platform for storing ...

Money mule networks evolve into hierarchical, business-like criminal enterprises

In this Help Net Security interview, Michal Tresner, CEO of ThreatMark, discusses how cybercriminals are weaponizing AI, automation, and social engineering to industrialize money mule operations. He looks at how these networks have changed and ...

Managing through chaos to secure networks

Every time there’s a natural or manmade disaster that takes medical equipment offline, cuts connectivity to emergency services and loved ones, or shuts down access to ATMs, network engineers are at the center of the heroic efforts required to ...

After a hack many firms still say nothing, and that’s a problem

Attackers are more inclined to “log in rather than break in,” using stolen credentials, legitimate tools, and native access to stealthily blend into their target’s environment, according to Bitdefender’s 2025 Cybersecurity ...

We know GenAI is risky, so why aren’t we fixing its flaws?

Even though GenAI threats are a top concern for both security teams and leadership, the current level of testing and remediation for LLM and AI-powered applications isn’t keeping up with the risks, according to Cobalt. GenAI as a threat or a ...

Infosec products of the month: June 2025

Here’s a look at the most interesting products from the past month, featuring releases from: Akamai, AttackIQ, Barracuda Networks, BigID, Bitdefender, Contrast Security, Cymulate, Dashlane, Embed Security, Fortanix, Fortinet, Jumio, Lemony, ...

Best SAST Solutions: How to Choose Between the Top 11 Tools in 2025

Static Application Security Testing (SAST) is a proactive approach to identifying security vulnerabilities in source code during development. This article delves into the core ...

AI vs. AI: How Deepfake Attacks Are Changing Authentication Forever

The 3,000% increase in deepfake attacks represents more than just a cybersecurity statistic—it marks the beginning of a new era where traditional approaches to digital identity verification must be fundamentally reconsidered. Organizations that ...