Application Security News and Articles
Wytec’s website was defaced twice by unknown threat actors more than a week ago and it has yet to be brought back online.
The post Wytec Expects Significant Financial Loss Following Website Hack appeared first on SecurityWeek.
ESET Research has identified a new threat group called GhostRedirector. In June 2025, this group broke into at least 65 Windows servers, mostly in Brazil, Thailand, Vietnam, and the United States. Countries where GhostRedirector victims were ...
Most B2B companies build cybersecurity programs backwards - starting with compliance instead of real security. Learn why this approach fails and how fractional CISO services can help you build effective security that actually prevents breaches ...
Discover how AI and machine learning reduce flaky tests, cut maintenance costs, and improve accuracy in modern automated testing.
The post AI in Automated Testing: How Machine Learning Reduces Flaky Tests and Maintenance Costs appeared first on ...
Discover how AI-powered passwordless authentication boosts security, prevents fraud, and simplifies logins with biometrics and passkeys.
The post AI-Enabled Fraud Detection in Passwordless Login Flows appeared first on Security Boulevard.
Google has observed ViewState deserialization attacks leveraging a sample machine key exposed in older deployment guides.
The post Hackers Exploit Sitecore Zero-Day for Malware Delivery appeared first on SecurityWeek.
Elevation of privilege flaws in Android Runtime (CVE-2025-48543) and Linux kernel (CVE-2025-38352) have been exploited in targeted attacks.
The post Two Exploited Vulnerabilities Patched in Android appeared first on SecurityWeek.
Cato Networks acquired Aim Security to further enhance the Cato SASE Cloud Platform, supporting secure enterprise adoption of AI agents and both public and private AI applications. Cato has now exceeded $300 million in annual recurring revenue ...
CISOs are dealing with an overload of vulnerability data. Each year brings tens of thousands of new CVEs, yet only a small fraction ever become weaponized. Teams often fall back on CVSS scores, which label thousands of flaws as “high” or ...
Salesforce has become a major target for attackers in 2025, according to new WithSecure research into threats affecting customer relationship management (CRM) platforms. The report shows that malicious activity inside Salesforce environments rose ...
Overview: Recently, NSFOCUS CERT detected that H2O-3 released a security update to fix the H2O-3 JDBC deserialization vulnerability (CVE-2025-6507). This vulnerability is a bypass of CVE-2024-45758 and CVE-2024-10553. Due to the deserialization ...
In the first half of 2025, there were 8,062,971 DDoS attacks worldwide, with EMEA taking the brunt at 3.2 million attacks, according to Netscout. Peak attacks reached speeds of 3.12 Tbps and 1.5 Gpps. These attacks have moved beyond simple ...
Co-founded by former MITRE experts, the startup will use the funding to accelerate product innovation and fuel company growth.
The post Tidal Cyber Raises $10 Million for CTI and Adversary Behavior Platform appeared first on SecurityWeek.
Discover how a CIAM platform centralizes customer identities, eliminates data silos, and powers secure, personalized experiences across 150+ integrations.
The post Why a CIAM Platform is Central to Your Identity Strategy appeared first on ...
Understanding the Significance of NHIs in Cybersecurity: Why are Non-Human Identities (NHIs) so crucial in cybersecurity? These machine identities consist of Secrets (encrypted tokens, keys, or passwords) and permissions that are akin to a ...
How Can Non-Human Identities (NHIs) Enhance Cloud Security? Is your organization leveraging the power of Non-Human Identities (NHIs) and Secrets Security Management to fortify cloud security? If not, you could be leaving yourself vulnerable to ...
A new round of mobile phish is imitating the State of California's "Franchise Tax Board" in a round of phishing sites that are gaining prominence in the past few days. I visited ftb.ca-gov-sg[.]top/notice from a burner phone to see how the scheme ...
Scaling Kubernetes isn’t just about launching containers—it’s about choosing support models that truly let developers innovate instead of drowning in operational noise. Recently, I read Kathie Clark’s excellent blog, “What I Got Wrong ...
Most cyberattacks today follow a predictable pattern. Attackers steal or abuse privileged credentials to gain access and then move laterally across systems to reach valuable data. Add to that the new risk from AI and agentic AI systems abusing ...
Cloudflare, Palo Alto Networks, and Zscaler are the latest among hundreds of victims of an expanding data-stealing attack by the UNC6395 threat group that is exploiting compromised OAuth tokens associated with Salesloft's Drift app to access ...