Application Security
Two critical-severity authentication bypass vulnerabilities in WordPress plugins with tens of thousands of installations.
Hi, what are you looking for?
SecurityWeek
Application Security
Lemonade says the incident is not material and that its operations were not compromised, nor was its customer data targeted.
Application Security
GitHub security campaigns make it easier for developers and security teams to collaborate on fixing vulnerabilities in their applications.
Application Security
Evidence shows a SpotBugs token compromised in December 2024 was used in the March 2025 GitHub Actions supply chain attack.
Application Security
Google has integrated OSV-SCALIBR features into OSV-Scanner, its free vulnerability scanner for open source developers.
Application Security
The tj-actions/changed-files GitHub Action, which is used in 23,000 repositories, has been targeted in a supply chain attack.
Application Security
The financing was provided by S Capital and investor Mike Moritz, S32, Glilot Capital Partners, and several angel investors.
Application Security
Fake security researcher accounts seen distributing malware disguised as Chrome, Signal, WhatsApp, Discord and Exchange zero-day exploits.
Application Security
Adobe ships urgent fixes for at least a dozen flaws that expose Adobe Commerce users to code execution attacks.
Application Security
OMB has published new guidance on federal agencies obtaining security guarantees from software vendors.
Application Security
Cybersecurity news that you may have missed this week: AI regulation, layoffs, US aerospace malware attacks, and post-quantum encryption.
Application Security
VMware ships urgent patches to cover security defects that expose businesses to remote code execution attacks.
Application Security
OWASP’s ranking for the major API security risks in 2023 has been published. The list includes many parallels with the 2019 list, some reorganizations/redefinitions,...
Application Security
NCC Group announces new open source tools for finding hardcoded credentials and for distributing cloud workloads.
Application Security
Google introduces Mobile VRP bug bounty program for vulnerabilities in its mobile applications.
Application Security
Red Hat rolls out a new suite of tools and services to help mitigate vulnerabilities across every stage of the modern software supply chain.
Application Security
Cloudflare introduces Secrets Store, a new solution to help developers and organizations securely store and manage secrets.
Application Security
Lineaje introduces SBOM360 Hub, an exchange allowing software producers, sellers, and consumers to publish, share and use SBOMs and related compliance artifacts.
Artificial Intelligence
With unapproved AI tools entrenched in daily workflows, experts say it’s time to shift from monitoring to managing Shadow AI use across the enterprise.
Vulnerabilities
Vulnerabilities
Malware & Threats
Data Breaches
Cybercrime
Noteworthy stories that might have slipped under the radar: 4chan hacked, auto-reboot security feature coming to Android, Iranian administrator of Nemesis charged in US.
Cybersecurity Funding
Data Breaches
Data Breaches
Vulnerabilities
