Application Security News and Articles
Shadowserver has started seeing exploitation attempts aimed at a CrushFTP vulnerability tracked as CVE-2025-2825 and CVE-2025-31161.
The post CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability appeared first on SecurityWeek.
LoftLabs launched vNode to redefine secure tenant isolation in Kubernetes. By introducing a new layer of virtualization on the node level, vNode ensures workloads remain fully isolated, allowing platform teams to enforce stricter security ...
Check Point has responded to a hacker’s claims of sensitive data theft, confirming an incident but saying that it had limited impact.
The post Check Point Responds to Hacking Claims appeared first on SecurityWeek.
Apple has released a hefty round of security updates for its desktop and mobile products, patching two recent zero-days in older iPhone models.
The post Apple Patches Recent Zero-Days in Older iPhones appeared first on SecurityWeek.
France’s antitrust watchdog fined Apple 150 million euros ($162 million) over a privacy feature protecting users from apps snooping on them.
The post France’s Antitrust Watchdog Fines Apple for Problems With App Tracking Transparency ...
March 2025 was a high-alert month for cybersecurity teams. Critical CVEs surfaced across widely used technologies, some quiet, others loud, but all carrying real risk. These weren’t just routine disclosures....
The post Top CVEs & ...
On March 21, 2025, a critical authorization bypass vulnerability in Next.js, identified as CVE-2025-29927, was disclosed with a CVSS score of 9.1. This framework’s middleware handling flaw enables attackers to bypass authentication and ...
With global tensions climbing, cyber attacks linked to nation-states and their allies are becoming more common, sophisticated, and destructive. For organizations, cybersecurity can’t be treated as separate from world events anymore, they’re ...
Most people groan at the prospect of security training. It’s typically delivered through dull online videos or uninspiring exercises that fail to capture real-world urgency. To make a real difference in cyber crisis readiness, personnel need ...
While cybercriminals are often in the spotlight, one of the most dangerous threats to your company might be hiding in plain sight, within your own team. Employees, contractors, or business partners who have access to sensitive information can use ...
In this Help Net Security interview, Yinglian Xie, CEO at DataVisor, explains how evolving fraud tactics require adaptive, AI-driven prevention strategies. With fraudsters using generative AI to launch sophisticated attacks, financial ...
Cloud Security Engineer Fexco | Ireland | Hybrid – View job details As a Cloud Security Engineer, you will design and implement security frameworks for cloud environments. Enforce secure access policies, MFA, and least privilege ...
“The Renaissance Man” was attributed to Leonardo da Vinci because he symbolized the focus of the Renaissance era: boundless human potential. The 2025 State of Passwordless Identity Assurance Report revolves around the Identity Renaissance: ...
Is Your Cybersecurity Strategy Delivering Value? One pivotal question hovers in every professional’s mind: ‘Is my cybersecurity strategy delivering value?’ The answer lies deep within the nuances of Non-Human Identities (NHIs) and Secrets ...
Why Are Adaptable NHI Strategies Essential in Today’s Cybersecurity Landscape? Where cyber threats are increasingly complex and pervasive, businesses need robust and flexible strategies to safeguard their data assets. One such strategy is the ...
Are Your Machine Identities Trapped in a Security Blindspot? A critical question persists: How secure are your Non-Human Identities (NHIs) across the cloud? While businesses invest heavily in human-centric cybersecurity solutions, they often ...
Are You Ready to Embrace the Latest Secrets Security Trends? Isn’t it fascinating to consider how cybersecurity has evolved over the past few years? It’s become essential to focus on securing machine identities and secrets. This is where ...
Is Your Secrets Vault Really Equipped for the Task? Non-Human Identities (NHIs) and their secrets management have become the cornerstone of an effective cybersecurity strategy. The question is, is your secrets vault truly impenetrable? Or are ...
Authors/Presenters: Daemon Tamer
Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany Suites & Casino; ...
Gen Z, or individuals born between 1997 and 2012, have certain types of lifestyles, upbringings and character traits that make them ideal for social engineering exploitation.
The post Gen Z’s Rising Susceptibility to Social Engineering Attacks ...
