Application Security News and Articles
Why is Scaling Secrets Security Crucial for Large Enterprises? Large enterprises hold vast amounts of sensitive information, such as customer data and intellectual property, securely stored within their corporate networks. These organizations ...
DataDome’s server-side behavioral detection blocked over 214 million malicious requests from a single IP targeting a global travel platform without downtime or disruption.
The post How DataDome Blocked 214M+ Malicious Requests With Server-Side ...
Creator/Author/Presenter: Vlad Iliushin
Our deep appreciation to Security BSides - San Francisco and the Creators, Authors and Presenters for publishing their BSidesSF 2025 video content on YouTube. Originating from the conference’s events ...
via the cosmic humor & dry-as-the-desert wit of Randall Munroe, creator of XKCD
The post Randall Munroe’s XKCD ‘Kite Incident’ appeared first on Security Boulevard.
IRONSCALES is thrilled to announce that it has once again been recognized by G2, earning multiple Summer 2025 badges that reflect customers’ satisfaction and the platform’s market impact.
The post IRONSCALES Scores Big in G2 Summer 2025 ...
Discover EKS Pod Identity Association—the modern, secure way to grant AWS permissions without the operational overhead of OIDC providers. No more duplicated IAM roles across clusters, no more trust policy updates every time you scale.
Matter is built on the idea that smart home devices should be secure, reliable, and easy to use. It is based on Internet Protocol (IP), which allows devices, mobile apps, and cloud services to communicate. Matter also defines a set of IP-based ...
Creator/Author/Presenter: Jordan Mecom
Our deep appreciation to Security BSides - San Francisco and the Creators/Authors/Presenters for publishing their BSidesSF 2025 video content on YouTube. Originating from the conference’s events held at ...
Most apps check user trust once during login—then ignore security changes for hours or days. OpenID CAEP changes this by enabling real-time communication between security systems. When a user's context changes, every connected app knows ...
A researcher has been given the highest reward in Google’s Chrome bug bounty program for a sandbox escape with remote code execution.
The post Chrome Sandbox Escape Earns Researcher $250,000 appeared first on SecurityWeek.
New physics-based research suggests large language models could predict when their own answers are about to go wrong — a potential game changer for trust, risk, and security in AI-driven systems.
The post Managing the Trust-Risk Equation in AI: ...
SafeBreach researchers have released details on several vulnerabilities that could be exploited by attackers to crash Windows Active Directory domain controllers (DCs), one of which (CVE-2025-32724) can also be leveraged to force public DCs ...
Hackers targeted Connex, one of the largest credit unions in Connecticut, and likely stole files containing personal information.
The post Connex Credit Union Data Breach Impacts 172,000 People appeared first on SecurityWeek.
A New Breed of Cyber Threat A new ransomware strain is making waves, not just for its technical prowess but also for the mystery behind its name: BERT Ransomware. As businesses and individuals race to defend themselves against increasingly ...
External network penetration testing is one of the best methods for finding vulnerabilities that can be exploited from outside your organization before that happens. New scoring systems, voluntary compliance...
The post External Network Penetration ...
A researcher has demonstrated how a platform used by over 1,000 dealerships in the US could have been used to hack cars.
The post Flaws in Major Automaker’s Dealership Systems Allowed Car Hacking, Personal Data Theft appeared first on ...
Join us for our next industry webinar where we'll be diving into the world of Agent AI security.
The post Identity-first Security for AI Agents appeared first on The Cyber Hut.
ESET researchers have discovered a previously unknown vulnerability in WinRAR, exploited in the wild by Russia-aligned group RomCom. If you use WinRAR or related components such as the Windows versions of its command line tools, UnRAR.dll, or the ...
WinRAR has patched CVE-2025-8088, a zero-day exploited by Russia’s RomCom in attacks on financial, defense, manufacturing and logistics companies.
The post Russian Hackers Exploited WinRAR Zero-Day in Attacks on Europe, Canada appeared first on ...
Eclypsium researchers have demonstrated a BadCam attack against Lenovo cameras, but others may be impacted as well.
The post BadCam: New BadUSB Attack Turns Linux Webcams Into Persistent Threats appeared first on SecurityWeek.