Application Security
A group of academic researchers have designed an open source Node.js bug hunting tool that has already identified 180 security vulnerabilities.
Hi, what are you looking for?
SecurityWeek
Compliance
The devices have been added to the NATO Information Assurance Product Catalogue (NIAPC).
Compliance
TikTok has finalized a deal to create a new American entity, avoiding the looming threat of a ban in the United States.
Compliance
Cyber regulations are where politics meets business – where business becomes subject to political realities.
Compliance
A judge has ruled that the plaintiffs failed to demonstrate intent to defraud investors.
Application Security
Atlassian’s security response team has issued an urgent advisory to warn of a critical command injection flaw in its Bitbucket Server and Data Center...
Application Security
Password management software firm LastPass has suffered a data breach that led to the theft of source code and proprietary technical information.
Application Security
BalkanID, a Texas startup building technology in the Identity Governance and Administration (IGA) space, has added $2.3 million to its seed financing round, bringing...
Compliance
Sephora Inc., one of the world’s largest cosmetics retailers, has settled a lawsuit claiming that the company sold customer information without proper notice in...
Audits
Google is breaking EU law by sending users of its email service Gmail direct advertising messages, activists said in a complaint sent to French...
Application Security
Popular streaming media platform Plex is scrambling to reset user passwords after a database hack that included the theft of emails, usernames, and encrypted...
Compliance
A class action lawsuit filed against Oracle on Friday in the Northern District of California claims that the tech giant has built a worldwide...
Application Security
Virtualization technology software giant VMware on Tuesday released patches to fix an important-severity security flaw in the VMware Tools suite of utilities.The vulnerability, tracked...
Application Security
Healthcare services provider Novant Health has sent notifications to more than 1.3 million individuals that their protected health information (PHI) might have been inadvertently...
Compliance
A researcher has conducted an analysis to see how major companies could track user activity through their mobile in-app browsers, and released a free...
Application Security
The Federal Bureau of Investigation (FBI) has raised an alarm for cybercriminals using proxies and configurations to hide and automate credential stuffing attacks against...
Application Security
TXOne Networks, a joint venture between cybersecurity firm Trend Micro and industrial networking solutions provider Moxa, has banked $70 million in new venture capital...
Application Security
Trend Micro’s Zero Day Initiative, a major player in the vulnerability disclosure ecosystem, is ramping up the pressure on software vendors that consistently ship...
Audits
Whether it’s the fitness tracker on your wrist, the “smart” home appliances in your house or the latest kids’ fad going viral in online...
Application Security
LAS VEGAS - BLACK HAT USA 2022 - An analysis conducted by two researchers has revealed that some commercial cybersecurity products rely on algorithms...
Compliance
Privya emerged from stealth mode on Tuesday with a data privacy-focused code scanning platform and $6 million in seed funding.
Application Security
Enterprise software vendor Twilio (NYSE: TWLO) has been hacked by a relentless threat actor who successfully tricked employees into giving up login credentials that...
Application Security
Texas startup Ghost Security has joined the list of early-stage companies in the API and application security space attracting venture capital funding.The Austin-based company...
Application Security
Workplace productivity software giant Slack on Friday forced password resets for a tiny fraction of its users after the discovery of a security flaw...
Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.
RegisterThis year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.
RegisterExpert Insights
From hidden content injections to cognitive state poisoning, attackers are turning trusted data sources into traps for autonomous AI.
(Etay Maor)
Groups like ShinyHunters are demonstrating that attackers do not necessarily need malware or zero-day exploits to cause massive damage.
(Torsten George)
Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures.
(Tod Beardsley)
Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production.
(Joshua Goldfarb)
AI-driven development is not something organizations can or should block. But it must be governed.
(Danelle Au)