Application Security News and Articles


Cyberattacks on Long Island Schools Highlight Growing Threat

In a concerning development, over 20 school districts across Long Island have fallen victim to cyberattacks, compromising the personal data of more than 10,000 students. According to state education records, 28 incidents were reported in 2024 ...

Retail in the Crosshairs: The M&S Data Breach and the Rising Cost of Customer Trust

Retail giant Marks & Spencer (M&S) has confirmed that customer information was compromised in a recent cyberattack involving one of its third-party service providers. According to Reuters, the breach did not impact M&S’s internal ...

“Dance of the Hillary” and the Expanding Use of Malware in Regional Cyber Conflict

A recent advisory from the Punjab Police’s cybercrime wing warns of a new wave of malware attacks potentially originating from Pakistan, with a tool known as “Dance of the Hillary” at the center of the campaign. Targeting users through ...

Operation Sindoor Fallout: Lessons from the Mass Website Defacement Campaign

A recent cyber onslaught has drawn global attention: more than 1.5 million Indian websites were defaced or disrupted in retaliation for the alleged “Operation Sindoor,” a reported counterterrorism operation. According to The Times of India, ...

Nobara Linux 42 brings performance boost and better hardware support

The Nobara Project has released a new version of its Linux distribution, bringing updated packages, performance improvements, and a few visual tweaks aimed at making life easier for users who want a system that works well out of the box. Nobara ...

Advancing Security Training With Human Risk Management

Cybersecurity education is evolving from simple knowledge transfer to measurable risk reduction as the human risk factor is recognized. The post Advancing Security Training With Human Risk Management appeared first on Security Boulevard.

The Trojan Sysadmin: How I Got an AI to Build a Wolf in Sheep’s Clothing

Exploring whether an AI language model (Grok 3, built by xAI) could be induced to create a tool with potential illegal applications, despite its ethical guidelines, and how contradictions in its responses could be exposed through contextual ...

Resilience helps businesses understand their cyber risk in financial terms

Resilience launched Cyber Risk Calculator to provide organizations with a financial snapshot of their cyber risk. The AI-powered tool provides security and risk practitioners and C-Suite executives alike with a common, data-driven language to ...

SecuX releases Bitcoin self-managed solution for SMBs

SecuX launched a hardware-based cybersecurity solution tailored for small and medium-sized businesses (SMBs). At the core is Cyber Athena, an enterprise-grade cold wallet that integrates PUF-based authentication via PUFido and PUFhsm hardware ...

Ivanti Patches Two EPMM Zero-Days Exploited to Hack Customers

Ivanti has released patches for two EPMM vulnerabilities that have been chained in the wild for remote code execution. The post Ivanti Patches Two EPMM Zero-Days Exploited to Hack Customers appeared first on SecurityWeek.

ICS Patch Tuesday: Vulnerabilities Addressed by Siemens, Schneider, Phoenix Contact

Industrial giants Siemens, Schneider Electric and Phoenix Contact have released ICS security advisories on the May 2025 Patch Tuesday. The post ICS Patch Tuesday: Vulnerabilities Addressed by Siemens, Schneider, Phoenix Contact appeared first ...

LastPass launches SaaS Monitoring to reduce shadow IT and AI risks

LastPass has announced the general availability of SaaS Monitoring. This new capability empowers organizations of all sizes to gain visibility into their Software-as-a-Service ecosystem, reduce risk from Shadow IT and Shadow AI, and optimize ...

Southwest Airlines CISO on tackling cyber risks in the aviation industry

In this Help Net Security interview, Carrie Mills, VP and CISO, Southwest Airlines, talks about the cybersecurity challenges facing the aviation industry. She explains how being part of critical infrastructure, a major consumer brand, and an ...

Insider risk management needs a human strategy

Insider risk is not just about bad actors. Most of the time, it’s about mistakes. Someone sends a sensitive file to the wrong address, or uploads a document to their personal cloud to work from home. In many cases, there is no ill intent, ...

Cerbos: Open-source, scalable authorization solution

Cerbos is an open-source solution designed to simplify and modernize access control for cloud-native, microservice-based applications. Instead of hardcoding authorization logic into your application, Cerbos lets you write flexible, context-aware ...

European Vulnerability Database goes live, but who benefits?

The European Union Agency for Cybersecurity (ENISA) has unveiled the European Vulnerability Database (EUVD), an initiative under the NIS2 Directive aimed at enhancing digital security across the EU. The database serves as a centralized repository ...

Ransomware spreads faster, not smarter

The fall of two of the most dominant ransomware syndicates, LockBit and AlphV, triggered a power vacuum across the cybercriminal landscape, according to a Black Kite survey. In their place, dozens of new actors emerged, many of them lacking the ...

NSFOCUS WAF Selected in the 2025 Gartner® Market Guide for Cloud Web Application and API Protection

Santa Clara, Calif. May 14, 2025 – Recently, Gartner released the “Market Guide for Cloud Web Application and API Protection”[1], and NSFOCUS was selected as a Representative Vendor with its innovative WAAP solution. We believe this ...

News Alert: INE Security outlines top 5 training priorities emerging from RSAC 2025

Cary, NC, May 13, 2025, CyberNewswire – Fresh from a high-impact presence at RSAC 2025, where INE Security welcomed thousands of visitors to its interactive booth at San Francisco’s Moscone Center, the global cybersecurity training and ...

CVE-2025-4427, CVE-2025-4428: Ivanti Endpoint Manager Mobile (EPMM) Remote Code Execution

Remote code execution vulnerability in a popular mobile device management solution from Ivanti has been exploited in the wild in limited attacks. Background: On May 13, Ivanti released a security advisory to address a high severity remote code ...