Application Security News and Articles
The critical-severity NetWeaver flaws could be exploited for remote code execution and privilege escalation.
The post SAP Patches Critical NetWeaver Vulnerabilities appeared first on SecurityWeek.
Vanta has unveiled a new set of capabilities that integrates AI across core compliance and risk workflows. These features unify policy management with the Vanta AI Agent, expand first-party risk oversight and continuous monitoring for vendors, ...
A Low-Lift, High-Impact Win for Cybersecurity Product Managers Every breach story seems to follow a pattern: attackers get hold of stolen credentials and use them to walk straight into systems. It’s not a zero-day exploit or a highly ...
Hummingbird announced its unified platform for risk and compliance operations. The expanded platform brings together the full risk and compliance lifecycle with the launch of new solutions for both Transaction & Risk Monitoring and Customer ...
Based on real-world insurance claims, Resilience’s midyear report shows vendor risk is declining but costly, ransomware is evolving with triple extortion, and social engineering attacks are accelerating through AI.
The post Ransomware Losses ...
Attaullah Baig has filed a lawsuit against Meta and its executives, accusing them of retaliation over critical cybersecurity failures.
The post Ex-WhatsApp Security Chief Sues Meta Over Vulnerabilities, Retaliation appeared first on SecurityWeek.
Cisco introduced Splunk Enterprise Security Essentials Edition and Splunk Enterprise Security Premier Edition, providing customers two agentic AI-powered SecOps options that unify security workflows across threat detection, investigation, and ...
Frankfurt am Main, Germany, 9th September 2025, CyberNewsWire
The post Link11 Reports 225% more DDoS attacks in H1 2025 with new tactics against infrastructure appeared first on Security Boulevard.
A disjointed approach to cloud security generates more noise than clarity, making it hard for you to prioritize what to fix first. Learn how Tenable dissolves this challenge by integrating cloud security into a unified exposure management ...
Malicious versions of at least 18 widely used npm packages were uploaded to the npm Registry on Monday, following the compromise of their maintainer’s account. “The packages were updated to contain a piece of code that would be ...
NetApp has released NetApp StorageGRID 12.0, a scalable, software-defined object storage solution designed for unstructured data. This latest version of StorageGRID introduces new capabilities designed to enhance AI initiatives, improve data ...
Explore the top Akamai Identity Cloud alternatives. Learn why MojoAuth is the #1 CIAM solution for secure, scalable, and cost-effective migration.
The post Top 5 Alternatives to Akamai Identity Cloud (And Why MojoAuth is #1) appeared first on ...
On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 popular JavaScript packages with over 2.6 billion weekly downloads. By tricking a maintainer into revealing credentials and ...
Over half of internet-exposed cloud and non-cloud assets in Global 2000 companies lack web application firewall (WAF) protection, leaving sensitive data vulnerable amid rising cybersecurity threats and AI-driven attacks, according to a CyCognito ...
Data breaches cost more for financial organizations than they do for those in many other industries. In attempting to strengthen your financial organization’s cybersecurity, you must contend with evolving regulatory obligations, outdated IT ...
In May 2024, hackers stole names, Social Security numbers, financial information, and protected health information from the hospital’s systems.
The post 160,000 Impacted by Wayne Memorial Hospital Data Breach appeared first on SecurityWeek.
The attacker deployed multiple malware families, including two backdoors and a proxy tunneller, and various reconnaissance tools.
The post Threat Actor Connected to Play, RansomHub and DragonForce Ransomware Operations appeared first on SecurityWeek.
The industrial cybersecurity firm will become a wholly owned subsidiary of Mitsubishi Electric.
The post Mitsubishi Electric to Acquire Nozomi Networks for Nearly $1 Billion appeared first on SecurityWeek.
Silobreaker has launched Requirements, a new way for threat intelligence (TI) teams to define, operationalize and measure Priority Intelligence Requirements (PIRs). The new capability combines a PIR library with integrated monitoring tools and ...
Hackers accessed emails, usernames, password hashes, and authentication data stored in a Plex database.
The post Plex Urges Password Resets Following Data Breach appeared first on SecurityWeek.
