Application Security
The Apache Software Foundation (ASF) is calling out for-profit companies leeching on open-source code, warning that “only a tiny percentage” of downstream vendors are...
Hi, what are you looking for?
SecurityWeek
Privacy & Compliance
The Meta-owned communications app is filing a federal court contempt order against NSO.
Privacy
Claims that “Microsoft is running one of the largest corporate espionage operations in modern history” face scrutiny as researchers analyze LinkedIn’s browser extension probing
Privacy & Compliance
Britain’s data privacy watchdog slapped online forum Reddit on Tuesday with a fine worth nearly $20 million for failures involving children’s personal information.
Government
Other noteworthy stories that might have slipped under the radar: vulnerabilities at 277 water systems, DoD employee acting as money mule, 200 airports exposed...
Cybercrime
The U.S. State Department and the National Counterintelligence and Security Center (NCSC) on Friday issued a warning over the use of commercial surveillance tools.
Compliance
A judge said Thursday he will fine Cyber Ninjas, the contractor that led Arizona Republicans’ 2020 election review, $50,000 a day if the firm...
Data Protection
Switzerland's army has banned the use of WhatsApp whilst on duty, a spokesman confirmed Thursday, in favour of a Swiss messaging service deemed more...
Compliance
French regulators have hit Google and Facebook with 210 million euros ($237 million) in fines over their use of "cookies", the data used to...
Application Security
VMware this week shipped security updates for its Workstation, Fusion and ESXi product lines, warning that a heap-overflow vulnerability could expose users to code...
Application Security
Users of the popular LastPass password manager are being targeted in so-called “credential stuffing” attacks that use email addresses and passwords obtained from third-party...
Application Security
Gabriel Weinberg’s DuckDuckGo is taking aim at the desktop browser market, betting that default privacy-centric settings will provide safer alternatives to Google’s Chrome and...
Application Security
French video game company Ubisoft this week confirmed that 'Just Dance' user data was compromised in a recent cybersecurity incident.The data breach was the...
Application Security
The University of Toronto’s Citizen Lab has discovered another player in the private sector mobile spyware business, fingering a tiny North Macedonia company called...
Application Security
Security researchers at Google’s Project Zero have picked apart one of the most notorious in-the-wild iPhone exploits and found a never-before-seen hacking roadmap that...
Application Security
Venture capital investors are continuing to bet big on cloud security technologies with two early-stage startups announcing a combined $130 million in funding for...
Cloud Security
The United States and Australia signed an agreement Wednesday to ease access by their justice departments to digital phone and email records needed in...
Application Security
Famed hacker Dan Kaminsky has been inducted in the Internet Society’s Hall of Fame for his groundbreaking contributions to DNS (domain name system) security.
Application Security
IronScales, a company that leverages artificial intelligence in technology for email security, has closed a $64 million Series C funding round.The investment round was...
Application Security
Grip Security, an Israeli startup that helps organizations securely adopt software-as-a-service (SaaS), on Tuesday announced the closing of a $19 million Series A funding...
Application Security
Web traffic protection provider Kasada on Monday announced it has raised $23 million in Series C funding. To date, the company has raised $39...
Application Security
The U.S. government’s cybersecurity agency has updated its catalog of “known exploited vulnerabilities” and set deadlines for federal agencies to apply fixes for security...
Application Security
Privacy-focused technology startup Soveren on Tuesday announced it has closed a $6.5 million seed round led by firstminute capital. Northzone also invested in the...
Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes.
RegisterAI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program.
RegisterExpert Insights
Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production.
(Joshua Goldfarb)
AI-driven development is not something organizations can or should block. But it must be governed.
(Danelle Au)
AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code.
(Etay Maor)
CISOs are now facing machine-speed attacks and asking, “How do I agent?” The industry must provide remediation at scale.
(Nadir Izrael)
As enterprises rush AI projects into production, security teams are increasingly being forced into reactive mode.
(Joshua Goldfarb)