Application Security
A team of Israeli entrepreneurs with roots in the application security ecosystem is taking a stab at software supply chain security with big backing...
Hi, what are you looking for?
Researchers find Smart TVs from Samsung and LG use a Shazam-like tracker to monitor what you watch. Opting out is complex and time-consuming.
A team of Israeli entrepreneurs with roots in the application security ecosystem is taking a stab at software supply chain security with big backing...
Salt Security is the latest addition to a growing list of cybersecurity startups boasting billion-dollar valuations.
Microsoft’s Patch Tuesday train rumbled into Windows networks with fixes for 51 documented security vulnerabilities, some serious enough to cause full computer takeover attacks.
A high-severity security vulnerability in Argo CD could allow an attacker to access sensitive information from target applications.
Malware hunters at Microsoft are calling attention to a nasty macOS malware family that has evolved quickly from a basic information-gathering trojan to a...
Malware hunters at Volexity are raising the alarm for a Chinese threat actor seen exploiting a zero-day flaw in the Zimbra email platform to...
The jostling for space in the attack surface management space intensified this week with Michigan startup Censys banking a new $35 million funding round...
The U.K. government’s cybersecurity agency has announced plans to ship a collection of well-tested, reliable scanning scripts to help defenders find and fix high-priority...
PrinterLogic has released security updates to address a total of nine vulnerabilities in Web Stack and Virtual Appliance, including three security defects that carry "high...
Microsoft has announced improved security for the users of its flagship Office productivity suite, courtesy of Excel 4.0 (XLM) macros now being restricted by...
The U.S. government's Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released the final version of its IPv6 security guidance for federal agencies.
Threat hunters at Kaspersky have spotted a well-known Chinese APT actor using an UEFI implant to maintain stealthy persistence across reboots, disk formatting or...
A prominent security researcher poking around at the Zoom video conferencing platform found worrying signs the company failed to enable a decades-old anti-exploit mitigation,...
A vulnerability in Box's implementation of multi-factor authentication (MFA) allowed attackers to take over accounts without having access to the victim’s phone, according to...
Researchers at cloud security startup Orca Security have publicly documented a pair of vulnerabilities in AWS CloudFormation and AWS Glue that attackers could use to...
Federal Communications Commission (FCC) chairwoman Jessica Rosenworcel this week proposed updated policies around telecom providers’ reporting of data breaches.
Apple has released an iOS security update with a fix for a persistent denial-of-service flaw in the HomeKit software framework but only after an...
The Apache Software Foundation (ASF) is calling out for-profit companies leeching on open-source code, warning that “only a tiny percentage” of downstream vendors are...
Threat hunters in the U.K.’s National Health Service have raised an alarm for an unknown threat actor hitting vulnerable VMWare Horizon servers with exploits...