Application Security News and Articles
BOULDER, Colo.– Strata Identity, the Identity Orchestration company, today announced it has been named an Example Vendor in the 2025 Gartner Guidance for Workforce Access Management report by Paul Rabinovich. As noted in the report, “this ...
Trying to block AI tools outright is a losing strategy. SaaS and AI are increasingly inseparable, and AI isn’t limited to tools like ChatGPT or Copilot anymore.
The post Is AI Use in the Workplace Out of Control? appeared first on SecurityWeek.
Intel, AMD and Arm each published security advisories on Patch Tuesday, including for newly disclosed CPU attacks.
The post Chipmaker Patch Tuesday: Intel, AMD, Arm Respond to New CPU Attacks appeared first on SecurityWeek.
How Weak Identity Security Posture Affects Organizations
The report paints a clear picture: fraudsters are refining their strategies, targeting high-value credentials and exploiting vulnerabilities across all channels. Several statistics stand ...
Foxit launched Smart Redact Server, a new AI-driven platform built to automate the redaction of sensitive data at scale across enterprise environments. Designed for organizations that manage large volumes of regulated content, the solution ...
McAfee is introducing McAfee’s Scam Detector, a new feature that automatically identifies scams across text, email, and video. Available now in all core McAfee plans at no extra cost, it arrives at a critical moment: nearly 1 in 3 Americans say ...
Forwarded mail can be more trouble than it’s worth - especially when it’s done without checks, validation, or spam filtering. Typos, spamtraps, and forged senders can quickly snowball into blocklistings and delivery failures. In this second ...
Obsidian Security has launched a new browser extension to help businesses safely use SaaS and AI apps online. The extension automatically finds and manages shadow SaaS and AI tools, blocks advanced spear-phishing attacks targeting access tokens, ...
Email authentication used to be something only big players worried about. Not anymore. While small senders may not feel the heat yet, it’s only a matter of time before it reaches them. In this blog, we explore how authentication can be ...
The rise of AI has unlocked unprecedented opportunities across industries, from automating tedious tasks to accelerating software development and transforming how applications are built and maintained. However, AI has also exposed critical ...
Kosovo citizen Liridon Masurica has appeared in a US court, facing charges for his role in operating the cybercrime marketplace BlackDB.cc.
The post Kosovar Administrator of Cybercrime Marketplace Extradited to US appeared first on SecurityWeek.
Introduction
In the current cloud-centric environment, strong API security is essential. Google's acquisition of Wiz underscores the urgent necessity for all-encompassing cloud security solutions. Organizations should focus on both governing API ...
The Power of One: From Leaked Credential to Campaign Attribution Attribution has always been the elusive prize in threat intelligence. The question every CISO wants answered after an attack: “Who did this?” Historically, attribution required ...
Experts say the European Vulnerability Database, or EUVD, should be a good resource, but only if ENISA manages to maintain it properly.
The post EU Cybersecurity Agency ENISA Launches European Vulnerability Database appeared first on SecurityWeek.
Juniper Networks, VMware, and Zoom have announced patches for dozens of vulnerabilities across their products.
The post Vulnerabilities Patched by Juniper, VMware and Zoom appeared first on SecurityWeek.
Cary, North Carolina, 14th May 2025, CyberNewsWire
The post INE Security Alert: Continuous CVE Practice Closes Critical Gap Between Vulnerability Alerts and Effective Defense appeared first on Security Boulevard.
If you caught our recent post, What Microsoft’s New DMARC Policy Means for High-Volume Senders, you’re already familiar with the major changes Microsoft has made to tighten DMARC enforcement as of May 5, 2025. As a reminder, any mass sender ...
Fortinet has patched a dozen vulnerabilities, including a critical flaw exploited in the wild against FortiVoice instances.
The post Fortinet Patches Zero-Day Exploited Against FortiVoice Appliances appeared first on SecurityWeek.
In a concerning development, over 20 school districts across Long Island have fallen victim to cyberattacks, compromising the personal data of more than 10,000 students. According to state education records, 28 incidents were reported in 2024 ...
Retail giant Marks & Spencer (M&S) has confirmed that customer information was compromised in a recent cyberattack involving one of its third-party service providers. According to Reuters, the breach did not impact M&S’s internal ...
