Application Security News and Articles
BeyondTrust released new AI security controls in Identity Security Insights. These capabilities provide visibility into AI agents, secure orchestration of their actions, and an on-board intelligence layer to help teams make faster, smarter ...
Siren announced the launch of K9, an AI companion designed to transform the way investigators uncover threats and connections. K9 is fast, dependable and mission-focused, built to guard, protect, and serve those on the front lines of keeping ...
NetRise has identified 20 device models from six vendors that are still vulnerable to Pixie Dust attacks.
The post Decade-Old Pixie Dust Wi-Fi Hack Still Impacts Many Devices appeared first on SecurityWeek.
The packages were injected with malicious code to harvest secrets, dump them to a public repository, and make private repositories public.
The post Shai-Hulud Supply Chain Attack: Worm Used to Steal Secrets, 180+ NPM Packages Hit appeared first ...
A new survey of 3,001 security leaders reveals 26% of organizations have faced AI model data poisoning, 20% experienced deepfakes, and over half admit deploying AI too quickly. As AI-driven threats rise, enterprises invest in GenAI security, ...
Microsoft and Cloudflare have teamed up to take down the infrastructure used by RaccoonO365.
The post RaccoonO365 Phishing Service Disrupted, Leader Identified appeared first on SecurityWeek.
What is Turkey’s Personal Data Protection Law (KVKK)? The Personal Data Protection Law (KVKK), or Kişisel Verileri Koruma Kanunu in Turkish, is Turkey’s primary data privacy law. It came into force on April 7, 2016, and is largely based on ...
What is the Washington My Health My Data Act? The Washington My Health My Data Act (MHMDA) is a comprehensive privacy law enacted in 2023. Its purpose is to safeguard a broad category of sensitive information defined as “consumer health ...
Jaguar Land Rover’s prolonged plant shutdown after a ransomware attack by Scattered Lapsus$ Hunters highlights the urgent need for cyber resilience. Experts stress leadership, supply chain security, and cultural commitment to cybersecurity as ...
Astrix Security launched the AI Agent Control Plane (ACP), a solution designed to deploy secure-by-design AI agents across the enterprise. With ACP, every AI agent receives short-lived, precisely scoped credentials and just-in-time access based ...
Change is coming to SSL/TLS certificate management, and it’s arriving faster than most organizations realize. The CA/B Forum’s version of “March Madness” will start rolling out within months and culminate in a rigorous 47-day maximum ...
ManageEngine unveiled that its security information and event management (SIEM) solution, Log360, has been strengthened with a reengineered threat detection approach, in a major enhancement aimed at addressing the needs of security operations ...
Researchers have introduced a new way to study and defend against ICS threats. Their project, called ICSLure, is a honeynet built to closely mimic a real industrial environment. Why traditional honeypots fall short Honeypots are systems designed ...
In this Help Net Security interview, Marco Goldberg, Managing Director at EQS Group, discusses how compliance and regulation are evolving worldwide. He talks about how organizations can stay compliant with international rules while keeping their ...
Discover how DSPM helps MSSPs prove value, reduce churn, and strengthen client trust with proactive, data-centric security.
The post How DSPM Helps MSSPs Prove Value to Clients and Reduce Churn appeared first on Security Boulevard.
The Electronic Frontier Foundation (EFF) has released Rayhunter, a new open-source tool designed to detect cell site simulators (CSS). These devices, also known as IMSI catchers or Stingrays, mimic cell towers to trick phones into connecting so ...
In this Help Net Security video, Jérôme Segura, VP of Threat Research at Datadome, explains why intent, not just identifying bots, must be the new focus for cybersecurity teams. He explores how advanced AI agents and sophisticated bots blur the ...
Attackers are finding new ways to blend in with everyday business tools, hiding their activity inside formats and processes that workers and IT teams often trust. The latest quarterly Threat Insights Report from HP Wolf Security shows how ...
An ongoing supply chain attack dubbed "Shai-Hulud" has compromised hundreds of packages in the npm repository with a self-replicating worm that steals secrets like API key, tokens, and cloud credentials and sends them to external servers that the ...
Last updated 7:00 p.m. ET on September 16, 2025
The post Ongoing npm Software Supply Chain Attack Exposes New Risks appeared first on Security Boulevard.
