Application Security Archives

SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

Application Security

RevEng.ai Raises $4.15 Million to Secure Software Supply Chain

RevEng.ai has raised $4.15 million in seed funding for an AI platform that automatically detects malicious code and vulnerabilities in software.

Ionut ArghireJune 27, 2025

Application Security

Thousands of SaaS Apps Could Still Be Susceptible to nOAuth

New research suggests more than 10,000 SaaS apps could remain vulnerable to a nOAuth variant despite the basic issue being disclosed in June 2023.

Kevin TownsendJune 25, 2025

Application Security

Five Zero-Days, 15 Misconfigurations Found in Salesforce Industry Cloud

Security researchers uncover critical flaws and widespread misconfigurations in Salesforce’s industry-specific CRM solutions.

Kevin TownsendJune 10, 2025

Application Security

Watch Now: Why Context is a Secret Weapon in Application Security Posture Management

Join the live webinar to understand why data in itself is not enough to make informed decisions for prioritization.

SecurityWeek NewsMay 30, 2025

Application Security

When Convenience Costs: CISOs Struggle With SaaS Security Oversight

SaaS applications are so easy to use, the decision, and the deployment, is sometimes undertaken by the business unit user with little reference to,...

Kevin TownsendAugust 27, 2024

Application Security

How Exceptional CISOs Are Igniting the Security Fire in Their Development Team

For years, many CISOs have struggled to influence their development cohort on the importance of putting security first.

Matias MadouAugust 20, 2024

Application Security

GitHub Makes Copilot Autofix Generally Available

GitHub has made AI-powered Copilot Autofix generally available to help developers fix code vulnerabilities faster.

Ionut ArghireAugust 15, 2024

Application Security

Homebrew Security Audit Finds 25 Vulnerabilities

Vulnerabilities in Homebrew could have allowed attackers to load executable code and modify binary builds, security audit finds.

Ionut ArghireAugust 1, 2024

Application Security

Millions of Websites Susceptible to XSS Attack via OAuth Implementation Flaw

Researchers discovered and published details of an XSS attack that could potentially impact millions of websites around the world.

Kevin TownsendJuly 29, 2024

Application Security

Application Security Startup Heeler Raises $8.5 Million in Seed Funding

Heeler Security has raised $8.5 million in seed funding for its ProductDNA application security technology.

Ionut ArghireJuly 22, 2024

Application Security

CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency

CISA says a SILENTSHIELD red team assessment found gaping holes in the security posture of a federal civilian executive branch organization.

Ionut ArghireJuly 12, 2024

Application Security

SAP Patches High-Severity Vulnerabilities in PDCE, Commerce

Patch Tuesday: Enterprise software vendor SAP releases patches for high-severity vulnerabilities in multiple products and tools.

Ionut ArghireJuly 9, 2024

Application Security

Critical CocoaPods Flaws Exposed Many iOS, macOS Apps to Supply Chain Attacks

EVA Information Security has shared details on three CocoaPods vulnerabilities impacting millions of macOS and iOS applications.

Ionut ArghireJuly 2, 2024

Application Security

PortSwigger Scores Hefty $112 Million Investment

The British company behind the popular Burp Suite pen-test utilities has banked a massive $112 million investment from Brighton Park Capital.

SecurityWeek NewsJuly 1, 2024

Application Security

US, Allies Warn of Memory Unsafety Risks in Open Source Software

Most critical open source software contains code written in a memory unsafe language, US, Australian, and Canadian government agencies warn.

Ionut ArghireJune 27, 2024

Application Security

‘Phantom’ Source Code Secrets Haunt Major Organizations

Aqua Security shows that code in repositories remains accessible even after being deleted or overwritten, continuing to leak secrets.

Ionut ArghireJune 27, 2024

Application Security

Critical Flaw in AI Python Package Can Lead to System and Data Compromise

A critical vulnerability tracked as CVE-2024-34359 and dubbed Llama Drama can allow hackers to target AI product developers.

Eduard KovacsMay 17, 2024

Application Security

Adobe Adds Content Credentials and Firefly to Bug Bounty Program

Adobe is providing incentives for bug bounty hackers to report security flaws in its implementation of Content Credentials and Adobe Firefly.

Ionut ArghireMay 1, 2024

Application Security

SAP Applications Increasingly in Attacker Crosshairs, Report Shows

Malicious hackers are targeting SAP applications at an alarming pace, according to warnings from Onapsis and Flashpoint.

Ionut ArghireApril 18, 2024

Application Security

Miggo Security Gets $7.5 Million Seed Funding to Build ADR Technology

YL Ventures leads an early stage funding round for Miggo Security, a Tel Aviv startup working on application detection and response technology.

Kevin TownsendApril 17, 2024

Application Security

NightVision Raises $5.4 Million for Application Security Testing

NightVision, an early stage startup in the application security testing space, has raised $5.4 million in seed funding.

Ionut ArghireApril 15, 2024

Application Security

‘BatBadBut’ Command Injection Vulnerability Affects Multiple Programming Languages

A critical vulnerability in multiple programming languages allows attackers to inject commands in Windows applications.

Ionut ArghireApril 12, 2024

Application Security

Security Flaw in WP-Members Plugin Leads to Script Injection

A cross-site scripting vulnerability in the WP-Members Membership plugin could allow attackers to inject scripts into user profile pages.

Ionut ArghireApril 2, 2024

Application Security

Veracode Buys Longbow Security for Automated Root Cause Analysis Tech

Veracode announces a deal to acquire Longbow Security, a Texas seed-stage startup working on automated root cause analysis technology.

Ryan NaraineApril 1, 2024

Page 3 of 74‹ Previous 1 234 5 6 7 Next ›Last »

Virtual Event: Threat Detection and Incident Response Summit

May 21, 2025

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Webinar: Cut Through the Noise: Why Context is a Secret Weapon in ASPM

May 29, 2025

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Jessica Newman has joined Sophos as General Manager of Global Cyber Insurance.

Breach and attack simulation solutions provider AttackIQ has appointed Pete Luban as Field Chief Information Security Officer.

Matthew Cowell has assumed the role of VP of Strategic Alliances at Nozomi Networks. He previously served in the same role at Dragos.

Bret Arsenault is retiring from his full-time role after 35 years at Microsoft.

Social engineering defense platform Doppel has appointed Bobby Ford as Chief Strategy and Experience Officer.

More People On The Move

SECURITYWEEK NETWORK:

ICS:

Application Security

RevEng.ai Raises $4.15 Million to Secure Software Supply Chain

Application Security

Thousands of SaaS Apps Could Still Be Susceptible to nOAuth

Application Security

Five Zero-Days, 15 Misconfigurations Found in Salesforce Industry Cloud

Application Security

Watch Now: Why Context is a Secret Weapon in Application Security Posture Management

Application Security

When Convenience Costs: CISOs Struggle With SaaS Security Oversight

Application Security

How Exceptional CISOs Are Igniting the Security Fire in Their Development Team

Application Security

GitHub Makes Copilot Autofix Generally Available

Application Security

Homebrew Security Audit Finds 25 Vulnerabilities

Application Security

Millions of Websites Susceptible to XSS Attack via OAuth Implementation Flaw

Application Security

Application Security Startup Heeler Raises $8.5 Million in Seed Funding

Application Security

CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency

Application Security

SAP Patches High-Severity Vulnerabilities in PDCE, Commerce

Application Security

Critical CocoaPods Flaws Exposed Many iOS, macOS Apps to Supply Chain Attacks

Application Security

PortSwigger Scores Hefty $112 Million Investment

Application Security

US, Allies Warn of Memory Unsafety Risks in Open Source Software

Application Security

‘Phantom’ Source Code Secrets Haunt Major Organizations

Application Security

Critical Flaw in AI Python Package Can Lead to System and Data Compromise

Application Security

Adobe Adds Content Credentials and Firefly to Bug Bounty Program

Application Security

SAP Applications Increasingly in Attacker Crosshairs, Report Shows

Application Security

Miggo Security Gets $7.5 Million Seed Funding to Build ADR Technology

Application Security

NightVision Raises $5.4 Million for Application Security Testing

Application Security

‘BatBadBut’ Command Injection Vulnerability Affects Multiple Programming Languages

Application Security

Security Flaw in WP-Members Plugin Leads to Script Injection

Application Security

Veracode Buys Longbow Security for Automated Root Cause Analysis Tech

Daily Briefing Newsletter

Trending

Virtual Event: Threat Detection and Incident Response Summit

Webinar: Cut Through the Noise: Why Context is a Secret Weapon in ASPM

People on the move

Expert Insights

What Can Businesses Do About Ethical Dilemmas Posed by AI?

Like Ransoming a Bike: Organizational Muscle Memory Drives the Most Effective Response

Why Sincerity Is a Strategic Asset in Cybersecurity

Identity Is the New Perimeter: Why Proofing and Verification Are Business Imperatives

Choosing a Clear Direction in the Face of Growing Cybersecurity Demands

Daily Briefing Newsletter