Application Security News and Articles


How One Phishing Email Compromised 18 npm Packages and Billions of Installs

On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 popular JavaScript packages with over 2.6 billion weekly downloads. By tricking a maintainer into revealing credentials and ...

Report: Massive Number of Internet Exposed Assets Still Lack WAF Protection

Over half of internet-exposed cloud and non-cloud assets in Global 2000 companies lack web application firewall (WAF) protection, leaving sensitive data vulnerable amid rising cybersecurity threats and AI-driven attacks, according to a CyCognito ...

Download: Cyber defense guide for the financial sector

Data breaches cost more for financial organizations than they do for those in many other industries. In attempting to strengthen your financial organization’s cybersecurity, you must contend with evolving regulatory obligations, outdated IT ...

160,000 Impacted by Wayne Memorial Hospital Data Breach

In May 2024, hackers stole names, Social Security numbers, financial information, and protected health information from the hospital’s systems.

Threat Actor Connected to Play, RansomHub and DragonForce Ransomware Operations

The attacker deployed multiple malware families, including two backdoors and a proxy tunneller, and various reconnaissance tools.

Mitsubishi Electric to Acquire Nozomi Networks for Nearly $1 Billion

The industrial cybersecurity firm will become a wholly owned subsidiary of Mitsubishi Electric.

Silobreaker Requirements enables teams to improve threat intelligence

Silobreaker has launched Requirements, a new way for threat intelligence (TI) teams to define, operationalize and measure Priority Intelligence Requirements (PIRs). The new capability combines a PIR library with integrated monitoring tools and ...

Plex Urges Password Resets Following Data Breach

Hackers accessed emails, usernames, password hashes, and authentication data stored in a Plex database.

SentinelOne to Acquire Observo AI in $225 Million Deal

SentinelOne is buying Observo AI for a combination of cash and stock to boost its SIEM and data offerings.

The Hidden Security Gaps in Digital Lending Applications

Here’s a wake-up call for financial institutions. Digital lending applications (DLAs) have changed how Indians borrow: a loan can now be approved in minutes from a smartphone. But behind this convenience lurk hidden security ...

Signal adds secure backup option for chat history

Losing a phone can mean losing years of conversations. Signal is rolling out a new secure backup feature to help users keep their messages safe without giving up privacy.

The problem with lost chats

Signal has long avoided cloud backups because ...

How to Do Code Review for an Unfamiliar Codebase

Code reviews are already one of the biggest bottlenecks in modern software delivery. But when developers are asked to review an unfamiliar ...

How AI Code Review Tools Are Reinventing Code Quality

If you’ve ever opened a pull request and then watched it collect dust in a review queue, you’re not alone. For developers, waiting on ...

Differences Between Privileged Access Management and Enterprise Password Management

Understand the key differences between Privileged Access Management (PAM) and Enterprise Password Management (EPM) to enhance your organization's security posture.

Nearly 500 researchers urge EU to rethink controversial CSAM scanning proposal

Nearly 500 scientists and researchers have signed an open letter warning that the latest version of the EU’s Chat Control Proposal would weaken digital security while failing to deliver meaningful protection for children. The signatories ...

Ongoing malvertising campaign targets European IT workers with fake GitHub Desktop installers

Researchers have spotted a malvertising (and clever malware delivery) campaign targeting IT workers in the European Union with fake GitHub Desktop installers. “We believe the goal of this campaign was to gain initial access to organizations ...

Using PAM for Passwordless Authentication without Local Users

Explore how to implement passwordless authentication using PAM, focusing on scenarios without local user accounts. Learn about the benefits, methods, and security considerations.

Connected cars are racing ahead, but security is stuck in neutral

Connected cars are already on Europe’s roads, loaded with software, sensors, and constant data connections. Drivers love the features these vehicles bring, from remote apps to smart navigation, but each new connection also opens a door to ...

Attackers test the limits of railway cybersecurity

Railway systems are the lifeblood of many economies, supporting everything from daily passenger transport to military and industrial operations, so the question arises: how secure are they from a cybersecurity perspective? Like all industries, ...

Employees keep feeding AI tools secrets they can’t take back

Employees are putting sensitive data into public AI tools, and many organizations don’t have the controls to stop it. A new report from Kiteworks finds that most companies are missing basic safeguards to manage this data. Security control ...