Application Security News and Articles


Google is making sending end-to-end encrypted emails easy

Sending end-to-end encrypted (E2EE) emails from Gmail enterprise accounts is about to become much easier than it is now, Google announced on Tuesday. The company will first make this simplified capability available to users who want to send ...

Lazarus Uses ClickFix Tactics in Fake Cryptocurrency Job Attacks

North Korea’s Lazarus hackers are using the ClickFix technique for malware deployment in fresh attacks targeting the cryptocurrency ecosystem. The post Lazarus Uses ClickFix Tactics in Fake Cryptocurrency Job Attacks appeared first on SecurityWeek.

Questions Remain Over Attacks Causing DrayTek Router Reboots

DrayTek has shared some clarifications regarding the recent attacks causing router reboots, but some questions remain unanswered. The post Questions Remain Over Attacks Causing DrayTek Router Reboots appeared first on SecurityWeek.

Google Brings End-to-End Encrypted Emails to All Enterprise Gmail Users

Gmail now allows enterprise users to send end-to-end encrypted emails to colleagues, and will soon allow sending to any inbox. The post Google Brings End-to-End Encrypted Emails to All Enterprise Gmail Users appeared first on SecurityWeek.

North Korean IT workers set their sights on European organizations

North Korean IT workers are expanding their efforts beyond the US, and are seeking to fraudulently gain employment with organizations around the world, but most especially in Europe. According to Google’s threat researchers, they are also ...

Chrome 135, Firefox 137 Patch High-Severity Vulnerabilities

Chrome 135 and Firefox 137 were released on Tuesday with fixes for several high-severity memory safety vulnerabilities. The post Chrome 135, Firefox 137 Patch High-Severity Vulnerabilities appeared first on SecurityWeek.

Exploited: Critical Unauthenticated Access Vulnerability in CrushFTP (CVE-2025-2825)

In the ever-evolving landscape of web application vulnerabilities, a new critical flaw has emerged. CVE-2025-2825 is a high-severity vulnerability that allows attackers to bypass authentication on CrushFTP servers. This popular enterprise file ...

Exabeam Nova accelerates threat detection and response

Exabeam unveiled Exabeam Nova, an autonomous AI agent delivering actionable intelligence that enables security teams to respond faster to incidents, reduce investigation times by over 50%, and mitigate threats more effectively. Exabeam delivers a ...

Top Data Breaches of March 2025

Cyber threats continue to challenge organizations in 2025, and March saw its share of major breaches. From cloud providers to universities, sensitive data was exposed, raising concerns about security gaps... The post Top Data Breaches of March ...

Balancing data protection and clinical usability in healthcare

In this Help Net Security interview, Aaron Weismann, CISO at Main Line Health, discusses the growing ransomware threat in healthcare and why the sector remains a prime target. He explains the difficulties of protecting patient information, ...

More Than Music: The Unseen Cybersecurity Threats of Streaming Services

The post More Than Music: The Unseen Cybersecurity Threats of Streaming Services appeared first on Security Boulevard.

BlueToolkit: Open-source Bluetooth Classic vulnerability testing framework

BlueToolkit is an open-source tool that helps find security flaws in Bluetooth Classic devices. It runs known and custom exploits to test if a device is vulnerable. Right now, it includes 43 different exploits. Some are public, and others were ...

Only 1% of malicious emails that reach inboxes deliver malware

99% of email threats reaching corporate user inboxes in 2024 were response-based social engineering attacks or contained phishing links, according to Fortra. Only 1% of malicious emails that reached user inboxes delivered malware. This shows that ...

Your smart home may not be as secure as you think

The Internet of Things (IoT) has become a major part of daily life. Smartphones, smart thermostats, security cameras, and other connected devices make tasks easier and improve comfort, efficiency, and productivity. But as the number of devices ...

HYPR and IDEMIA Partner to Extend Smart ID Badge Security

Unlock Seamless Security: Combining Physical and Digital Access with HYPR and IDEMIA Your organization spans a physical and a virtual environment, but how well aligned are your strategies for securing both? With the rise of hybrid work models, ...

Introducing Policy Center and Customizable Workflows | Grip

Automate and customize SaaS security with Grip’s Policy Center and Workflows—no code, no SOAR, no expertise required. The post Introducing Policy Center and Customizable Workflows | Grip appeared first on Security Boulevard.

AirSwap ETH Passive Income Strategies for 2025

A Beginner's Guide To Staking sAST from AirSwap. Continue reading on Medium »

Is Your Secrets Management Foolproof?

Are You Maximizing Your Secrets Management Strategy? Where technological advancements are rapidly reshaping business, cybersecurity is emerging as a crucial cornerstone of a successful organization. Are you leveraging robust secrets management to ...

Beyond the PCI DSS v4.0 Deadline: Feroot Ensures Compliance

The post Beyond the PCI DSS v4.0 Deadline: Feroot Ensures Compliance appeared first on Feroot Security. The post Beyond the PCI DSS v4.0 Deadline: Feroot Ensures Compliance appeared first on Security Boulevard.

An Improved Detection Signature for the Kubernetes IngressNightmare Vulnerability

Wiz recently published a detailed analysis of a critical vulnerability in the NGINX Ingress admission controller—what they’ve dubbed IngressNightmare (CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24514). The vulnerability stems from ...