Application Security News and Articles
CISA says it is time for the CVE Program to focus on improving trust, responsiveness, and the caliber of vulnerability data.
The post CISA: CVE Program to Focus on Vulnerability Data Quality appeared first on SecurityWeek.
Boost your Node.js development in 2024 with these 15 essential VS Code extensions. Streamline your workflow and boost productivity with actionable tools.
The post Top 15 Visual Studio Code Extensions for Node.js Development appeared first on ...
Exploiting incomplete speculative execution attack mitigations extended to the branch predictor state, VMScape leaks arbitrary memory.
The post VMScape: Academics Break Cloud Isolation With New Spectre Attack appeared first on SecurityWeek.
Most mobile apps silently leak personal data to third parties, even trusted ones. From trackers in Google Play apps to high-profile breaches like Strava and British Airways, app data leakage is a growing privacy risk. Learn why apps leak data and ...
Critical Security Alert: If you are an organization using Rockwell’s ThinManager software version 13.0 or below, you are vulnerable. If you cannot upgrade immediately, please scroll to the section on compensating controls below and contact our ...
KioSoft was notified about a serious NFC card vulnerability in 2023 and only recently claimed to have released a patch.
The post Payment System Vendor Took Year+ to Patch Infinite Card Top-Up Hack: Security Firm appeared first on SecurityWeek.
HCLSoftware launched HCL AppScan 360º version 2.0, a next-generation application security platform designed to help organizations regain control over their software supply chains. As open-source adoption accelerates and global data regulations ...
Sublime Security released the Autonomous Detection Engineer (ADÉ), an end-to-end AI agent that turns attack telemetry into transparent and auditable protection that security teams can trust. Email attacks are advancing as adversaries weaponize ...
Overview NSFOCUS LLM security solution consists of two products and services: the LLM security assessment system (AI-SCAN) and the AI unified threat management (AI-UTM), forming a security assessment and protection system covering the entire life ...
You Don’t Know What You Don’t Know – And That’s the Problem Picture this: Your development team has built a robust e-commerce platform. Your security team has implemented comprehensive protection measures. Your compliance team has checked ...
With attacks on applications growing rapidly, regular testing of web and mobile platforms has become critical. In fact, statistics show that web applications are involved in 26% of breaches, ranking as the second most exploited attack pattern. ...
A new study has found that electrocardiogram (ECG) signals, often shared publicly for medical research, can be linked back to individuals. Researchers were able to re-identify people in anonymous datasets with surprising accuracy, raising ...
AI is being added to business processes faster than it is being secured, creating a wide gap that attackers are already exploiting, according to the SANS Institute. The scale of the problem Attackers are using AI to work at speeds that humans ...
In the pharmaceutical industry, clinical trial data, patient records, and proprietary drug formulas are prime targets for cybercriminals. These high-value assets make the sector a constant focus for attacks. Disruptions to research or medicine ...
Ransomware, third-party disruptions, and the rise of AI-powered attacks are reshaping the cyber risk landscape in 2025. A new midyear analysis from Resilience shows how these forces are playing out in real-world incidents and how they are ...
Here’s a look at the most interesting products from the past week, featuring releases from Cynomi, DataLocker, Gigamon, Lookout, and Relyance AI. Cynomi simplifies vendor risk management Cynomi’s TPRM provides MSPs and MSSPs with a scalable ...
Why Repository Security Is Critical in 2025Continue reading on AWS in Plain English »
Does Your Organization Understand the Strategic Importance of NHI Management? With corporations increasingly shift operations to the cloud, they face the daunting task of managing a vast array of Non-Human Identities (NHIs) – machine identities ...
Unraveling the Core Structure: What are NHIs? Are you really protecting your Non-Human Identities (NHIs) to the best of your ability? NHIs are an often misunderstood but vitally important component. They are machine identities created by ...
Creator, Author and Presenter: Vien Van, Senthil Sivasubramanian
Our deep appreciation to Security BSides - San Francisco and the Creators, Authors and Presenters for publishing their BSidesSF 2025 video content on YouTube. Originating from the ...
