Application Security News and Articles


ConductorOne Raises $79 Million in Series B Funding

Leveraging AI, ConductorOne’s platform secures and manages millions of human, non-human, and AI identities. The post ConductorOne Raises $79 Million in Series B Funding appeared first on SecurityWeek.

Critical React Native NPM Vulnerability Exposes Developer Systems to Remote Attacks

A severe vulnerability was discovered in the React Native Community CLI, a popular open-source package downloaded nearly two million times every week by developers building cross-platform applications. Tracked as CVE-2025-11953, this flaw allows ...

18 arrested in €300 million global credit card fraud scheme

A coordinated international operation has led to 18 arrests in a massive credit card fraud case worth at least €300 million. The effort, led by Eurojust, targeted a network of suspects accused of running fake online subscription services for ...

Scientists Need a Positive Vision for AI

For many in the research community, it’s gotten harder to be optimistic about the impacts of artificial intelligence. As authoritarianism is rising around the world, AI-generated “slop” is overwhelming legitimate media, while AI-generated ...

How to Report a Suspicious Email in Australia

Originally published at How to Report a Suspicious Email in Australia by EasyDMARC. Email scams are now one of the most ... The post How to Report a Suspicious Email in Australia appeared first on EasyDMARC.

Hackers Targeting Freight Operators to Steal Cargo: Proofpoint

Threat actors are working with organized crime groups to target freight operators and transportation companies, infiltrate their systems through RMM software, and steal cargo, which they then sell online or ship to Europe, according to Proofpoint ...

Exploited ‘Post SMTP’ Plugin Flaw Exposes WordPress Sites to Takeover

The critical vulnerability allows attackers to read arbitrary emails, including password reset messages. The post Exploited ‘Post SMTP’ Plugin Flaw Exposes WordPress Sites to Takeover appeared first on SecurityWeek.

Daylight Raises $33 Million for AI-Powered MDR Platform

The funding will fuel the development of Daylight’s security operations platform and the launch of new protection modules. The post Daylight Raises $33 Million for AI-Powered MDR Platform appeared first on SecurityWeek.

Nikkei Says 17,000 Impacted by Data Breach Stemming From Slack Account Hack

The Japanese media giant says compromised Slack credentials were used to steal employee and business partner information. The post Nikkei Says 17,000 Impacted by Data Breach Stemming From Slack Account Hack appeared first on SecurityWeek.

Traffic Distribution System (TDS) abuse – What’s hiding behind the veil?

Those who follow the DNS abuse landscape closely may have noticed a rise in activity and abuse reports related to TDS. The use of this infrastructure for malicious purposes is becoming increasingly common. In this blog, we look at how TDS are ...

HackedGPT: Novel AI Vulnerabilities Open the Door for Private Data Leakage

Tenable Research has discovered seven vulnerabilities and attack techniques in ChatGPT, including unique indirect prompt injections, exfiltration of personal user information, persistence, evasion, and bypass of safety mechanisms. Key ...

Portal26 Raises $9 Million for Gen-AI Adoption Platform

The gen-AI adoption management platform will invest the funds in accelerating growth and product innovations. The post Portal26 Raises $9 Million for Gen-AI Adoption Platform appeared first on SecurityWeek.

In an AI World, Every Attack is a Social Engineering Attack

AI-driven social engineering is transforming cyberattacks from costly, targeted operations into scalable, automated threats. As generative models enable realistic voice, video, and text impersonation, organizations must abandon stored secrets and ...

Salesloft Drift Breaches: Your Complete Response Guide

The Salesloft Drift OAuth token breach compromised Salesforce data across hundreds of enterprises, including Cloudflare, Zscaler, and Palo Alto Networks. Learn how attackers exploited OAuth tokens, the risks of connected app misuse, and key steps ...

Centraleyes AI Framework (CAIF)

What is the CAIF? The Centraleyes AI Framework (CAIF) is a comprehensive compliance and governance tool designed to help organizations meet the diverse and rapidly evolving regulatory requirements surrounding artificial intelligence. It ...

US Sanctions North Korean Bankers Accused of Laundering Stolen Cryptocurrency

The United States on Tuesday imposed sanctions on a group of bankers, financial institutions and others accused of laundering money from cyber crime schemes — money the Treasury Department says helps pay for North Korea’s nuclear weapons ...

New ExtraHop capabilities target malicious PowerShell use across enterprise environments

ExtraHop has announced new capabilities to detect the malicious use of PowerShell. These enhancements provide the visibility needed to disrupt the attack kill chain and deliver insight to stop lateral movement in its tracks. Remote management ...

Deepwatch NEXA platform transforms MDR collaboration with agentic AI

Deepwatch has released Deepwatch NEXA, a collaborative agentic AI ecosystem that delivers outcome-focused agents to transform how MDR providers and customers work together. NEXA combines natural language interaction with agentic AI to provide ...

CISA Warns of CWP Vulnerability Exploited in the Wild

A critical vulnerability in Control Web Panel (CWP), tracked as CVE-2025-48703, allows remote, unauthenticated command execution. The post CISA Warns of CWP Vulnerability Exploited in the Wild appeared first on SecurityWeek.

ZEDEDA introduces Edge Kubernetes App Flows to automate edge application lifecycle

ZEDEDA has released a full-stack edge Kubernetes-as-a-Service solution that extends a cloud-native deployment experience to distributed edge environments. ZEDEDA Edge Kubernetes App Flows automates the edge application lifecycle, from packaging ...