Application Security News and Articles
Announcing the Fabricate Data Agent, synthetic data generation via agentic AI. Plus, Structural's Custom Categorical is now AI-assisted, and Model-based Custom Entities are coming to Textual!
The post Tonic.ai product updates: October 2025 ...
Many organizations are playing catch-up in key AI security policy areas, such as usage governance, risk oversight, data protection, and staff training. In this Cybersecurity Snapshot special edition, we round up recent guidance on preparing for, ...
Open VSX fully contained the GlassWorm attacks and says it was not a self-replicating worm in the traditional sense.
The post Open VSX Downplays Impact From GlassWorm Campaign appeared first on SecurityWeek.
In partnership with international cybersecurity agencies, the US Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) outlined security best practices for organizations that use on-premises versions of ...
Cyber risk assessment is the heart of modern cyber risk management. In 2025, as enterprises face AI-driven attacks, record ransomware volumes, and regulators demanding operational resilience, the ability to assess cyber risks in business and ...
Listen to the Audio on NextBigIdeaClub.com
Below, co-authors Bruce Schneier and Nathan E. Sanders share five key insights from their new book, Rewiring Democracy: How AI Will Transform Our Politics, Government, and Citizenship.
What’s the big ...
Wallarm’s latest Q3 2025 API ThreatStats report [link placeholder] reveals that API vulnerabilities, exploits, and breaches are not just increasing; they’re evolving. Malicious actors are shifting from code-level weaknesses to business ...
Broadcom has updated its advisory on CVE-2025-41244 to mention the vulnerability’s in-the-wild exploitation.
The post CISA Adds Exploited XWiki, VMware Flaws to KEV Catalog appeared first on SecurityWeek.
Discover how to balance employee monitoring and privacy using transparent oversight and passwordless authentication tools like MojoAuth.
The post The Privacy Paradox: Balancing Employee Monitoring and Secure Authentication appeared first on ...
The private equity firm will purchase the outstanding shares of Jamf common stock for $13 per share in an all-cash transaction.
The post Jamf to Go Private Following $2.2 Billion Acquisition by Francisco Partners appeared first on SecurityWeek.
Zero-trust isn’t just technology — it’s a human-centered strategy. Real security depends on context, judgment and collaboration, not automation alone.
The post Elevating the Human Factor in a Zero-Trust World appeared first on Security ...
The Windows shortcut vulnerability has been seen in attacks conducted by Mustang Panda to drop the PlugX malware.
The post Chinese APT Exploits Unpatched Windows Flaw in Recent Attacks appeared first on SecurityWeek.
ImmuniWeb has unveiled an upgraded version of ImmuniWeb Continuous, designed for continuous penetration testing and 24/7 automated vulnerability scanning of web applications, APIs, and microservices. The new solution is a perfect fit for ...
The 130-page document covers several important aspects and it’s available in both Japanese and English.
The post Japan Issues OT Security Guidance for Semiconductor Factories appeared first on SecurityWeek.
Shadow AI is the second-most prevalent form of shadow IT in corporate environments, 1Password’s latest annual report has revealed. Based on a survey of over 5,000 IT/security professionals and knowledge workers in the US, UK, Europe, Canada ...
AI chat tools are taking over offices, but at what cost to privacy? People often feel anonymous in chat interfaces and may share personal data without realizing the risks. Cybercriminals see the same opening, and it may only be a matter of time ...
The widespread adoption of IoT technologies has greatly improved connectivity and convenience across industries, homes, and infrastructure. Yet, this growth has also brought a range of security challenges stemming from limited device resources, ...
In this Help Net Security interview, Wade Bicknell, Head, IT Security & Operations, CFA Institute, discusses how CISOs can use AI while maintaining security and governance. He explains why AI presents both defensive opportunities and ...
With the average person juggling more than 300 credentials and credential abuse still the top attack vector, the password’s decline is long overdue. Across every major sector, organizations are changing how users log in, and new data shows the ...
In this Help Net Security video, Doug Kersten, CISO at Appfire, shares practical, experience-driven advice on how CISOs can avoid the most common mistakes when preparing for an audit. He breaks down what often frustrates auditors, why ...
