Application Security
Apple on Thursday confirmed a new zero-day exploit hitting older iPhones and warned that the security vulnerability also affects the macOS Catalina platform.
Hi, what are you looking for?
SecurityWeek
Application Security
Security researchers uncover critical flaws and widespread misconfigurations in Salesforce’s industry-specific CRM solutions.
Application Security
Join the live webinar to understand why data in itself is not enough to make informed decisions for prioritization.
Application Security
Active since at least 2023, the hacking group has been targeting the financial, government, IT, logistics, retail, and education sectors.
Application Security
Security researchers warn that OneDrive’s file sharing tool may grant third-party web apps access to all your files—not just the one you choose to...
Application Security
Cyber insurance is a new branch of an old industry. That industry has centuries of experience in insuring shipping and a hundred or more...
Application Security
A security vulnerability in Small Offices/Home Offices (SOHO) routers from Netgear could be exploited to execute arbitrary code remotely as root, according to security...
Application Security
Cloud computing and virtualization technology giant VMware on Tuesday shipped an urgent security patch for a flaw in its vCenter Server product and warned...
Application Security
Security researchers at Cisco Talos have identified a new backdoor that Russian cyberespionage group Turla is believed to have been using in attacks since...
Application Security
Apple on Monday rolled out a major refresh of its flagship iOS mobile platform, adding a built-in two-factor authentication code generator and multiple anti-tracking...
Application Security
Endpoint security platform Kolide on Thursday announced that it has raised $17 million in Series B funding, for a total of $27 million raised...
Application Security
Google this week announced plans to support the Open Source Technology Improvement Fund (OSTIF) to boost the security of open source projects.
Application Security
Application security startup Neosec this week emerged from stealth mode after closing a $20.7 million Series A funding round.
Application Security
Microsoft on Tuesday shipped a major security update to blunt zero-day attacks targeting a gaping hole in its proprietary MSHTML browsing engine.
Application Security
Google has joined the list of major software providers scrambling to respond to zero-day exploits in the wild.
Application Security
Apple on Monday rolled out fixes for a pair of iOS and macOS security defects alongside a warning that these issues belong in the...
Application Security
A threat actor has leaked online access credentials for 87,000 Fortinet VPN devices that were apparently compromised using a vulnerability identified and patched two...
Application Security
Attack surface management pioneer Tenable on Monday announced plans to spend $160 million in cash to snap up Accurics, an early-stage startup selling cloud-native...
Application Security
Facebook has announced plans to further improve WhatsApp privacy and security by allowing users to encrypt their message history backups in the cloud.
Application Security
The OpenSSL Project last week announced the official release of OpenSSL 3.0, a version that has been under development for the past 3 years.
Application Security
Cisco this week released patches for multiple high-severity vulnerabilities in the IOS XR software and warned that attackers could exploit these bugs to reboot...
Application Security
A critical security vulnerability in HAProxy could allow attackers to bypass security controls and access sensitive data without authorization, according to a warning from...
Application Security
GitHub has published documentation on seven vulnerabilities in the Node.js packages and warned that exploitation could expose users to code execution attacks.
Application Security
The U.S. government's Cybersecurity and Infrastructure Security Agency (CISA) and the Office of Management and Budget (OMB) this week announced they are seeking public...
Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.
RegisterLearn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.
RegisterExpert Insights
A strong AI deployment starts with asking the right questions, mapping your risks, and thinking like an adversary — before it’s too late.
(Matt Honea)
It’s time for enterprises to stop treating unmanaged devices as an edge case and start securing them as part of a unified Zero Trust strategy.
(Etay Maor)
Many security professionals feel pressured to pursue leadership roles, but success can also mean going deeper, not just higher.
(Joshua Goldfarb)
AI is transforming the cybersecurity landscape—empowering attackers with powerful new tools while offering defenders a chance to fight back. But without stronger awareness and strategy, organizations risk falling behind.
(Trevin Edgeworth)
Agentic AI can be a great tool for many of the ‘gray area’ tasks that SOC analysts undertake.
(Marc Solomon)