Application Security News and Articles
A report published today by Wallarm finds that of the 639 Common Vulnerabilities and Exposures (CVEs) pertaining to application programming interfaces (APIs) reported in Q2 2025, 34 involved issues relating to some type of use case tied to ...
Cloudflare announced new capabilities for Cloudflare One, its zero trust platform, designed to help organizations securely adopt, build and deploy emerging generative AI applications. With these new features, Cloudflare is giving customers the ...
Davis Lu was convicted in March of deploying malicious code in the systems of his employer, Eaton, when his job responsibilities change and then deployed a kill switch that denied employees access to the systems when he was fired in 2019. He was ...
Pakistani state-sponsored hacking group APT36 is targeting Linux systems in a fresh campaign aimed at Indian government entities.
The post Pakistani Hackers Back at Targeting Indian Government Entities appeared first on SecurityWeek.
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In the second of a two-part blog series, Tenable CSO Robert Huber shares how ...
Aspire Rural Health System was targeted last year by the BianLian ransomware group, which claimed to have stolen sensitive data.
The post Aspire Rural Health System Data Breach Impacts Nearly 140,000 appeared first on SecurityWeek.
Data I/O has disclosed a ransomware attack that disrupted the company’s operations, including communications, shipping and production.
The post Chip Programming Firm Data I/O Hit by Ransomware appeared first on SecurityWeek.
Criminals are taking advantage of macOS users’ need to resolve technical issues to get them to infect their machines with the Shamos infostealer, Crowdstrike researchers have warned. To prevent macOS security features from blocking the ...
IntroductionContinue reading on Medium »
The Anatsa Android banking trojan has expanded its target list to new countries and more cryptocurrency applications.
The post Anatsa Android Banking Trojan Now Targeting 830 Financial Apps appeared first on SecurityWeek.
Organizations invest heavily in cybersecurity tools, yet their executives still can't get a straight answer to the most fundamental question: "What are our biggest risks right now?"
The post 3 Benefits to Consider for the ROI of Cyber GRC and How ...
CISA has updated the Minimum Elements for a Software Bill of Materials (SBOM) guidance and is seeking public comment.
The post CISA Requests Public Feedback on Updated SBOM Guidance appeared first on SecurityWeek.
As developers, we love shipping features fast. But with speed often comes a hidden danger: security vulnerabilities sneaking into our code…Continue reading on Medium »
89 million Steam accounts breached! Learn how to secure your account and protect your data. Act now to safeguard your gaming identity.
The post 89 Million Steam Accounts Compromised: Change Your Password Now appeared first on Security Boulevard.
Netskope has an annual recurring revenue of more than $707 million, but it’s still not profitable, reporting a net loss of $170 million in H1.
The post SASE Company Netskope Files for IPO appeared first on SecurityWeek.
IntroductionContinue reading on Medium »
Good measurements for cyber security do not have to be technical. From a defence in depth principle it is recommended to have a mix of…Continue reading on Medium »
The Arch Linux Project has been targeted in a DDoS attack that disrupted its website, repository, and forums.
The post Arch Linux Project Responding to Week-Long DDoS Attack appeared first on SecurityWeek.
Quantum computing poses an existential threat to RSA and ECC encryption, making post-quantum cryptography (PQC) essential. This article explains quantum-safe certificates, the new NIST PQC standards, and hybrid certificates that blend classical ...
Shadow IT used to be a fringe problem, a rogue Dropbox account here, a personal Gmail there. Now, it’s everywhere. One customer said it best: “We don’t have a Shadow IT problem. We are Shadow IT.” That stuck. It’s not malice. It’s ...
