Application Security News and Articles
AttackIQ has released a new attack graph emulating the behaviors exhibited by VanHelsing ransomware, a new and rapidly growing ransomware-as-a-service (RaaS) affiliate program that emerged in March 2025. This emulation enables defenders to test ...
Proofpoint has entered into a definitive agreement to acquire Hornetsecurity, a pan-European provider of AI-powered Microsoft 365 (M365) security, data protection, compliance, and security awareness services. Terms of the deal are confidential. ...
Arachnid alarm: Three major British retailers recently attacked, resulting in huge damage. Now we see the self-same scum spotlighting stores in the States.
The post Warning to US Retail: ‘Scattered Spider’ Targets YOU (with DragonForce ...
Coinbase said a group of rogue contractors were bribed to pull customer data from internal systems, leading to a $20 million ransom demand.
The post Coinbase Rejects $20M Ransom After Rogue Contractors Bribed to Leak Customer Data appeared first ...
Author/Presenter: Sing Ambikapathi
Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany Suites & Casino; ...
IBM Z Series customers traditionally include some of the world’s biggest financial services and retail companies. This puts them firmly in the crosshairs of the Payment Card Industry Data Security Standard (PCI DSS). Yet while compliance can be ...
Cryptocurrency exchange platform Coinbase has suffered a breach, which resulted in attackers acquiring customers’ data that can help them mount social engineering attacks, the company confirmed today by filing a report with the US ...
GitLab launched GitLab 18, including AI capabilities natively integrated into the platform and major new innovations across core DevOps, and security and compliance workflows that are available now, with further enhancements planned throughout ...
DHS cancelled a $2.4 billion contract to Leidos that was awarded last year for ACTS, a project aimed at supporting CISA. Rival Nightwing protested the award, but DHS said the contract was pulled in light of budgetary and mission changes at CISA ...
Unified visibility and context are the keys to an effective exposure management program. Learn how the new Tenable One connectors and unified dashboards give you a comprehensive view of your attack surface, help you streamline decision-making and ...
American steel giant Nucor on Wednesday disclosed a cybersecurity incident that bears the hallmarks of a ransomware attack.
The post Production at Steelmaker Nucor Disrupted by Cyberattack appeared first on SecurityWeek.
As a senior UX designer at Tidal Cyber, I often field questions from other designers and cybersecurity industry colleagues on how to work effectively in a lean team environment. Lean teams typically operate with a ratio of one designer for every ...
Today, May 15, 2025, Castle extends its proven behavioral detection to the network edge through a no-code, fully managed Cloudflare integration.
The rise of AI allows attackers to operate faster and better than ever, which means fraud and abuse ...
Enterprise cybersecurity giant Proofpoint is buying Germany-based Microsoft 365 security solutions provider Hornetsecurity.
The post Proofpoint to Acquire Hornetsecurity in Reported $1 Billion Deal appeared first on SecurityWeek.
PentestPad announced a major rollout of new features to its platform, built to transform how modern security teams deliver penetration testing and manage vulnerabilities, clients and deliverables. PentestPad is an all-in-one workspace designed ...
The China-linked hacking group Earth Ammit has launched multi-wave attacks in Taiwan and South Korea to disrupt the drone sector.
The post Chinese Hackers Hit Drone Sector in Supply Chain Attacks appeared first on SecurityWeek.
Companies running Samsung MagicINFO, a platform for managing content on Samsung commercial digital displays, should upgrade to the latest available version of its v9 branch to fix a vulnerability that’s reportedly being exploited by ...
Two ransomware groups and several Chinese APTs have been exploiting two recent SAP NetWeaver vulnerabilities.
The post Ransomware Groups, Chinese APTs Exploit Recent SAP NetWeaver Flaws appeared first on SecurityWeek.
The team at CyberSaint is thrilled to announce the latest additions and updates to the CyberStrong solution. To start, we’ve expanded Continuous Control Automation to help our clients streamline adoption and configuration, helping you assess ...
Nova Scotia Power says a wide range of personal and financial information was stolen in the recent cyberattack.
The post Canadian Electric Utility Lists Customer Information Stolen by Hackers appeared first on SecurityWeek.
