Application Security News and Articles


BSidesSF 2025: Shadow IT Battlefield: The CyberHaven Breach And Defenses That Worked

Creators, Authors and Presenters: Rohit Bansal, Zach Pritchard. Our deep appreciation to Security BSides - San Francisco and the Creators, Authors and Presenters for publishing their BSidesSF 2025 video content on YouTube. Originating from the ...

Hundreds of Salesforce customer orgs hit in clever attack with potentially huge blast radius

A threat group Google tracks as UNC6395 has pilfered troves of data from Salesforce corporate instances, in search of credentials that can be used to compromise those organizations’ environments. “[Google Threat Intelligence Group] ...

AI is becoming a core tool in cybercrime, Anthropic warns

A new report from Anthropic shows how criminals are using AI to actively run parts of their operations. The findings suggest that AI is now embedded across the full attack cycle, from reconnaissance and malware development to fraud and extortion. ...

AI, Malware, and the Rise of Software Development Infiltration

For years, security teams focused on defending against malicious code injected into open source projects and package repositories. At Sonatype, we've tracked espionage campaigns, shadow downloads, and targeted malware designed to compromise ...

Email Security’s Blind Spot: Hidden Threats in Attachments

The post Email Security’s Blind Spot: Hidden Threats in Attachments appeared first on Votiro. The post Email Security’s Blind Spot: Hidden Threats in Attachments appeared first on Security Boulevard.

How to Assess Your Organization’s Cyberfraud Protection Maturity & Readiness

Discover how to assess and advance your cyberfraud protection maturity with practical strategies and the Cyberfraud Protection Maturity Model for CISOs. The post How to Assess Your Organization’s Cyberfraud Protection Maturity & Readiness ...

Nevada State Offices Closed Following Disruptive Cyberattack

State websites and phone lines were taken offline, but officials say emergency services and personal data remain unaffected. The post Nevada State Offices Closed Following Disruptive Cyberattack appeared first on SecurityWeek.

Cyber Threat Protection for K-12 Schools | Protecting Students and Teachers from Rising Cyberattack

As students head back to school, Contrast Security customers are getting ready for more sophisticated cyberattacks. Dark Reading published a feature on the growing risks facing K-12 schools. The post Cyber Threat Protection for K-12 Schools | ...

Unit21 BYOA automates fraud and AML tasks

Unit21 has launched its Build Your Own Agent (BYOA) for banks, credit unions, and fintechs. The product enables risk and compliance teams to automate fraud and AML tasks, turning hours of manual data gathering, sorting and sifting into just ...

Qwiet AI empowers developers in shipping secure software faster

Qwiet AI has unveiled updates to its application security platform. These updates, which include expanded integrations across Azure DevOps, Azure Boards, and GitHub, and the introduction of new AI-powered AutoFix capabilities and an enhanced user ...

Infostealers: The Silent Smash-and-Grab Driving Modern Cybercrime

Competition among malware-as-a-service developers has transformed infostealers into refined, accessible tools for cybercriminals worldwide. The post Infostealers: The Silent Smash-and-Grab Driving Modern Cybercrime appeared first on SecurityWeek.

Citrix Patches Exploited NetScaler Zero-Day

Zero-day exploited in the wild forces Citrix and CISA to push emergency patch deadlines for federal agencies. The post Citrix Patches Exploited NetScaler Zero-Day appeared first on SecurityWeek.

PromptLock: First AI-Powered Ransomware Emerges

Proof-of-concept ransomware uses AI models to generate attack scripts in real time. The post PromptLock: First AI-Powered Ransomware Emerges appeared first on SecurityWeek.

300k+ Plex Media Server instances still vulnerable to attack via CVE-2025-34158

Over 300,000 internet-facing Plex Media Server instances are still vulnerable to attack via CVE-2025-34158, a critical vulnerability for which Plex issued a fix earlier this month, Censys has warned. About CVE-2025-34158 Plex Media Server ...

We Are Still Unable to Secure LLMs from Malicious Inputs

Nice indirect prompt injection attack: Bargury’s attack starts with a poisoned document, which is shared to a potential victim’s Google Drive. (Bargury says a victim could have also uploaded a compromised file to their own account.) It looks ...

Remote Access Security

Seceon’s AI/ML and Dynamic Threat Modeling (DTM) powered cybersecurity solutions are designed to close this gap, providing enterprises and Managed Security Service Providers (MSSPs) with an intelligent, automated, and cost-effective way to ...

Executive Dark Web Exposure: Protecting your Leadership

Nisos: Not long ago, a Social Security number (SSN) felt like a vault key. Private, protected, rarely seen. Today, it’s more like currency... The post Executive Dark Web Exposure: ...

Choosing the Right Technology Stack for Your Web Application

Learn how to choose the right technology stack for your web app. Ensure scalability, performance, and long-term growth with expert guidance. The post Choosing the Right Technology Stack for Your Web Application appeared first on Security Boulevard.

Fraudulent email domain tracker: August 2025

This is the fifth edition of our monthly tracker highlighting email domains linked to fraudulent activity. Just like in July's report, our goal is to equip security and anti-fraud teams with greater visibility into the email infrastructure ...

The Importance Of Ensuring Robust APIs For Your Applications Through Testing

Learn why API testing is essential for performance, security, and reliability. Detect bugs early and boost your app’s quality. The post The Importance Of Ensuring Robust APIs For Your Applications Through Testing appeared first on Security ...