Application Security News and Articles


Google Warns of Vishing, Extortion Campaign Targeting Salesforce Customers

A financially motivated threat actor is employing vishing to compromise Salesforce customers and extort them. The post Google Warns of Vishing, Extortion Campaign Targeting Salesforce Customers appeared first on SecurityWeek.

Going Into the Deep End: Social Engineering and the AI Flood

AI is transforming the cybersecurity landscape—empowering attackers with powerful new tools while offering defenders a chance to fight back. But without stronger awareness and strategy, organizations risk falling behind. The post Going Into the ...

Automation you can trust: Cut backlogs without breaking builds

Engineering teams live in a paradox — under pressure to ship software faster than ever, yet every new open source component introduces hidden risk. Security backlogs pile up as developers scramble to fix vulnerabilities, balance new feature ...

Cobalt improves pentest transparency, automation, and risk prioritization

Cobalt announced a set of product enhancements within the Cobalt Offensive Security Platform aimed at helping customers scale security testing with greater clarity, automation, and control. These innovations further the company’s commitment to ...

Don’t Be a Statistic: Proactive API Security in the Age of AI

Your business depends on APIs, which are essential for contemporary digital experiences, encompassing everything from mobile applications and IoT devices to the rapidly evolving AI landscape. With more than 80% of internet traffic now routed ...

5 Reasons You Should Have Paid Commercial Support for Java

Paid Java commercial support only pays off when there’s an incident, which is almost always sudden, unexpected, and expensive. Still, it only takes one time for you to wish you had paid commercial support for Java. Running with unsupported Java ...

Compyl Raises $12 Million for GRC Platform

Compyl has raised $12 million in a Series A funding round that will be invested in go-to-market initiatives, hirings, and GRC platform expansion. The post Compyl Raises $12 Million for GRC Platform appeared first on SecurityWeek.

Google fixes Chrome zero-day with in-the-wild exploit (CVE-2025-5419)

Google has fixed two Chrome vulnerabilities, including a zero-day flaw (CVE-2025-5419) with an in-the-wild exploit. CVE-2025-5419 is a high-severity out-of-bounds read and write vulnerability in V8, the JavaScript and ...

Ramnit Malware Infections Spike in OT as Evidence Suggests ICS Shift

Industrial giant Honeywell has published its 2025 Cybersecurity Threat Report with information on the latest trends. The post Ramnit Malware Infections Spike in OT as Evidence Suggests ICS Shift appeared first on SecurityWeek.

The Ramifications of Ukraine’s Drone Attack

You can read the details of Operation Spiderweb elsewhere. What interests me are the implications for future warfare: If the Ukrainians could sneak drones so close to major air bases in a police state such as Russia, what is to prevent the ...

Webinar Today: Redefining Vulnerability Management With Exposure Validation

Learn why your security controls matter more than theoretical risk scores and how exposure validation helps slash massive patch lists down to the few vulnerabilities that truly demand action. The post Webinar Today: Redefining Vulnerability ...

ThreatSpike Raises $14 Million in Series A Funding

End-to-end cybersecurity provider ThreatSpike has raised $14 million in a Series A funding round led by Expedition Growth Capital, after being bootstrapped for 14 years. Founded in 2011, the London-based firm provides real-time detection and ...

Victoria’s Secret Says It Will Postpone Earnings Report After Recent Security Breach

Victoria’s Secret is postponing the release of its quarterly earnings following a security breach that disrupted the popular lingerie brand’s corporate operations. The post Victoria’s Secret Says It Will Postpone Earnings Report After ...

Thousands Hit by The North Face Credential Stuffing Attack

Threat actors steal personal information from thenorthface.com user accounts in a recent credential stuffing campaign. The post Thousands Hit by The North Face Credential Stuffing Attack appeared first on SecurityWeek.

Salt Illuminate strengthens API security

Salt Security unveiled Salt Illuminate, a platform that redefines how organizations adopt API security. With its self-service onboarding and cloud-native connect capabilities, Salt reduces deployment time from months to minutes requiring no ...

35,000 Solar Power Systems Exposed to Internet

Researchers from Forescout have analyzed the prevalence of internet-exposed solar power devices and shared a list of the top vendors and devices. The post 35,000 Solar Power Systems Exposed to Internet appeared first on SecurityWeek.

TXOne Networks unveils intelligent vulnerability mitigation capability

TXOne Networks announced an expanded new version of its SageOne OT Cybersecurity Governance Platform. Already relied upon by many industrial leaders across sectors with exacting cybersecurity requirements, TXOne SageOne has been enhanced to ...

Zscaler empowers businesses to extend zero trust everywhere

Zscaler announced a new suite of solutions that enable customers to adopt zero trust everywhere. These innovations extend the reach of true zero trust and enable businesses to modernize and scale securely by providing end-to-end segmentation ...

Varonis Identity Protection unifies identity and data security

Varonis announced Varonis Identity Protection, the latest enhancement to its Data Security Platform that gives organizations visibility and control of data and identities. Most identity security tools operate in a vacuum — with no understanding ...

What TikTok’s virtual machine tells us about modern bot defenses

A recent Hacker News post looked at the reverse engineering of TikTok’s JavaScript virtual machine (VM). Many commenters assumed the VM was malicious, designed for invasive tracking or surveillance. But based on the VM’s behavior and string ...