Application Security News and Articles
At Black Hat, Robert Johnston and Vikram Ramesh of N-able talk about the growing security pressures on small and mid-sized businesses. They note that ransomware and credential-based attacks are climbing sharply in the mid-market. Attackers who ...
Organizations that treat HIPAA compliance as a living, breathing part of their operations, not just an annual checkbox, are the ones best positioned to protect patient data, mitigate risk, and build enduring trust with patients and partners. ...
Zero day—zero clue: Old, bug-prone app relies on you to go look for update files.
The post ANOTHER WinRAR 0-Day: Don’t Patch Now — Uninstall It! appeared first on Security Boulevard.
PureRAT is a Remote Access Trojan, which can be used by an attacker to remotely control someone else's PC. PureRAT provides the following features to an attacker: See the victims user interfaceInteract with the victim PC using mouse and ...
IBM’s 2025 Cost of a Data Breach Report drives home that point: attackers today are often “logging in rather than hacking in".
The post IBM’s Cost of a Data Breach Report 2025 appeared first on Security Boulevard.
Researchers just proved LLMs can autonomously plan and execute full-scale cyberattacks — turning AI from a tool into an active threat actor.
The post And Now, LLMs Don’t Need Human Intervention to Plan and Executive Large, Complex Attacks ...
Rapid7’s analysis of dark web forums reveals a thriving market where elite hackers sell corporate network access to buyers, turning cybercrime into a streamlined business.
The post Inside the Dark Web’s Access Economy: How Hackers Sell the ...
Creator, Author and Presenter: Wendy Nather
Our deep appreciation to Security BSides - San Francisco and the Creators, Authors and Presenters for publishing their BSidesSF 2025 video content on YouTube. Originating from the conference’s ...
FortiGuard Labs has reported a dramatic spike in exploitation attempts targeting Citrix Bleed 2, a critical buffer over‑read flaw (CVE‑2025‑5777) affecting Citrix NetScaler ADC (Application Delivery Controller) and Gateway devices. ...
Researchers at the WHY2025 hacker forum said they were able to combine the Spectre and L1TF processor vulnerabilities discovered in 2018 to create a new transient execution attack called L1TF Reloaded that allowed them to leak data from AWS and ...
Prove launched Unified Authentication, an authentication solution that passively and persistently recognizes customers, no matter where they appear or how often their devices or credentials change. This launch reflects a critical market shift: ...
Trend Micro announced new agentic AI technology designed to solve the traditional pain points associated with Security Information and Event Management (SIEM). When combined with Trend’s digital twin capabilities it will help to transform ...
What kills most companies in a breach isn’t the first break-in. It’s what happens next. One stolen password turns into ten compromised systems, and suddenly your backups are toast, your finance apps are locked, and the help desk is sprinting ...
Rubrik launched Agent Rewind, following the close of Rubrik’s acquisition of Predibase. Agent Rewind, powered by Predibase AI infrastructure, will enable organizations to undo mistakes made by agentic AI by providing visibility into ...
1Kosmos has raised $57 million in Series B funding, which brings the total raised by the company to $72 million.
The post 1Kosmos Raises $57 Million for Identity Verification and Authentication Platform appeared first on SecurityWeek.
The RomCom attackers aren’t the only ones that have been leveraging the newly unveiled WinRAR vulnerability (CVE-2025-8088) in zero-day attacks: according to Russian cybersecurity company BI.ZONE, a group tracked as Paper Werewolf has been ...
Taking place August 12-13, CodeSecCon is the premier virtual event bringing together developers and cybersecurity professionals to revolutionize the way applications are built, secured, and maintained.
The post CodeSecCon Is Today: Where Software ...
In 2025, cybersecurity isn’t just IT’s job — it’s a core business survival skill against faster, smarter and more targeted threats.
The post What are the Biggest Cybersecurity Nightmares Your Business Might Face in 2025? appeared first on ...
Many global regulations and legislations have strict requirements around Java application security, incident reporting, and more. Azul has an unmatched set of solutions.
The post Three Ways to Ensure Regulatory and Legislative Compliance with ...
SAP has released 15 new security notes on the August 2025 Patch Tuesday, including for critical vulnerabilities.
The post SAP Patches Critical S/4HANA Vulnerability appeared first on SecurityWeek.
