Application Security

Breaking news, news analysis, and expert commentary on application security, including tools & technologies.

A patchwork quilt
Application Security
Actively Exploited Zero-Day, Critical RCEs Lead Microsoft Patch TuesdayMicrosoft Fixes Active Zero-Day, Critical RCEs on Patch Tuesday

The zero-day (CVE-2024-49138), plus a worryingly critical unauthenticated RCE security vulnerability (CVE-2024-49112), are unwanted gifts for security admins this season.

byTara Seals, Managing Editor, News, Dark Reading
Dec 10, 2024
|
1 Min Read
The Debating Chamber of the Scottish Parliament in Holyrood, Edinburgh, Scotland
Cyberattacks & Data Breaches
Scottish Parliament TV at Risk From DeepfakesScottish Parliament TV at Risk From Deepfakes
byKristina Beek, Associate Editor, Dark Reading
Dec 10, 2024
1 Min Read
The Visual Studio Code logo
Cyberattacks & Data Breaches
Sprawling 'Operation Digital Eye' Attack Targets European IT Orgs'Operation Digital Eye' Attack Targets European IT Orgs
byNate Nelson, Contributing Writer
Dec 10, 2024
1 Min Read
The words "zero-day" written in a line of code on a computer screen
Application Security
Microsoft NTLM Zero-Day to Remain Unpatched Until AprilMicrosoft NTLM Zero-Day to Remain Unpatched Until April
byJai Vijayan, Contributing Writer
Dec 9, 2024
1 Min Read
a patchwork quilt
Vulnerabilities & Threats
Google Launches Open Source Patch Validation ToolGoogle Launches Open Source Patch Validation Tool
byJennifer Lawinski
Dec 9, 2024
1 Min Read
Still of Arnold Schwarzenegger's face from the 1990 movie Total Recall
Application Security
Microsoft Expands Access to Windows Recall AI FeatureMicrosoft Expands Access to Windows Recall AI Feature
byTara Seals, Managing Editor, News, Dark Reading
Dec 6, 2024
1 Min Read
software components connected development
Application Security
Open Source Security Priorities Get a Reshuffle
Open Source Security Priorities Get a Reshuffle
Dec 6, 2024
|
1 Min Read
byRobert Lemos, Contributing Writer
PR Logo
Application Security
Compromised Software Code Poses New Systemic Risk to U.S. Critical Infrastructure
Compromised Software Code Poses New Systemic Risk to U.S. Critical Infrastructure
Dec 5, 2024
|
1 Min Read
DMCA logo and gavel sitting on a computer keyboard
Cyber Risk
Library of Congress Offers AI Legal Guidance to Researchers
Library of Congress Offers AI Legal Guidance to Researchers
Dec 5, 2024
|
1 Min Read
byRobert Lemos, Contributing Writer
Great Siege Tunnels, Gibraltar, featuring a tableau of seven cannons overlooking Spanish positions
Сloud Security
Russia's 'BlueAlpha' APT Hides in Cloudflare Tunnels
Russia's 'BlueAlpha' APT Hides in Cloudflare Tunnels
Dec 5, 2024
|
1 Min Read
byTara Seals, Managing Editor, News, Dark Reading
Mitel's corporate logo on an office building
Vulnerabilities & Threats
Bypass Bug Revives Critical N-Day in Mitel MiCollab
Bypass Bug Revives Critical N-Day in Mitel MiCollab
Dec 5, 2024
|
1 Min Read
byNate Nelson, Contributing Writer
PR Logo
Application Security
Onapsis Expands Code Security Capabilities to Accelerate and De-Risk SAP BTP Development Projects
Onapsis Expands Code Security Capabilities to Accelerate and De-Risk SAP BTP Development Projects
Dec 4, 2024
|
1 Min Read
A magnifying glass hovering over the Veeam logo on its webpage
Vulnerabilities & Threats
Veeam Urges Updates After Discovering Critical Vulnerability
Veeam Urges Updates After Discovering Critical Vulnerability
Dec 4, 2024
|
1 Min Read
byKristina Beek, Associate Editor, Dark Reading
Concept illustration of a content delivery network on a world map
Application Security
Misconfigured WAFs Heighten DoS, Breach Risks
Misconfigured WAFs Heighten DoS, Breach Risks
Dec 3, 2024
|
1 Min Read
byJai Vijayan, Contributing Writer
Two hands typing on a laptop's keyboard, with a digital overlay
Threat Intelligence
Ransomware Gangs Seek Pen Testers to Boost Quality
Ransomware Gangs Seek Pen Testers to Boost Quality
Nov 29, 2024
|
1 Min Read
byRobert Lemos, Contributing Writer
A blue credit card on a fish hook being dangled above a computer keyboard
Application Security
Sneaky Skimmer Malware Targets Magento Sites Ahead of Black Friday
Sneaky Skimmer Malware Targets Magento Sites Ahead of Black Friday
Nov 27, 2024
|
1 Min Read
byElizabeth Montalbano, Contributing Writer
Chris Wysopal at Dark Reading News Desk at Black Hat USA 2024
Application Security
News Desk 2024: Can GenAI Write Secure Code?
News Desk 2024: Can GenAI Write Secure Code?
Nov 27, 2024
byBecky Bracken, Senior Editor, Dark Reading
Hands holing and working a tablet, overlaid with charts
Application Security
Israel Defies VC Downturn With More Cybersecurity Investments
Israel Defies VC Downturn With More Cybersecurity Investments
Nov 27, 2024
|
1 Min Read
byRobert Lemos, Contributing Writer
A still from the famous orgasm scene in "When Harry Met Sally"
Application Security
'RomCom' APT Mounts Zero-Day, Zero-Click Browser Escapes in Firefox, Tor
'RomCom' APT Mounts Zero-Day, Zero-Click Browser Escapes
Nov 26, 2024
|
1 Min Read
byNate Nelson, Contributing Writer
Hooded figures on the Chinese flag cover with code
Application Security
Salt Typhoon Builds Out Malware Arsenal With GhostSpider
Salt Typhoon Builds Out Malware Arsenal With GhostSpider
Nov 26, 2024
|
1 Min Read
byNate Nelson, Contributing Writer
Images of nonfungible tokens clustered together on a screen with an index finger hovering above as if to press on one
Application Security
OpenSea Phishers Aim to Drain Crypto Wallets of NFT Enthusiasts
OpenSea NFT Phishers Aim to Drain Crypto Wallets
Nov 26, 2024
|
1 Min Read
byElizabeth Montalbano, Contributing Writer
PR logo
Application Security
CyCognito Report Highlights Rising Cybersecurity Risks in Holiday E-Commerce
CyCognito Report Highlights Rising Cybersecurity Risks in Holiday E-Commerce
Nov 26, 2024
|
1 Min Read
The app logos for ChatGPT and Claude
Application Security
Faux ChatGPT, Claude API Packages Deliver JarkaStealer
Faux ChatGPT, Claude API Packages Deliver JarkaStealer
Nov 22, 2024
|
1 Min Read
byNate Nelson, Contributing Writer
puzzle pieces with combination lock to represent secure coding practices
Application Security
MITRE: Cross-Site Scripting Is 2024's Most Dangerous Software Weakness
MITRE: Cross-Site Scripting Is 2024's Most Dangerous Software Weakness
Nov 21, 2024
|
1 Min Read
byBecky Bracken, Senior Editor, Dark Reading
Green globe showing Africa
Cyber Risk
African Reliance on Foreign Suppliers Boosts Insecurity Concerns
African Reliance on Foreign Suppliers Boosts Insecurity Concerns
Nov 20, 2024
|
1 Min Read
byRobert Lemos, Contributing Writer
a view of a classroom in a school with tables and assignments on bulletin boards
Application Security
SWEEPS Educational Initiative Offers Application Security Training
SWEEPS Educational Initiative Offers Application Security Training
Nov 20, 2024
|
1 Min Read
byJennifer Lawinski, Contributing Writer
Words reading "Penetration test" on a blue screen
Vulnerabilities & Threats
Russian-Speaking Ransomware Gangs on the Hunt for Pen Testers
Russian-Speaking Ransomware Gangs on the Hunt for Pen Testers
Nov 19, 2024
|
1 Min Read
byDark Reading Staff, Dark Reading
Department of Homeland Security Logo has an eagle in the middle of the seal
Сloud Security
DHS Releases Secure AI Framework for Critical Infrastructure
DHS Releases Secure AI Framework for Critical Infrastructure
Nov 18, 2024
|
1 Min Read
byDark Reading Staff, Dark Reading
Microsoft logo on a building
Сloud Security
Microsoft Pulls Exchange Patches Amid Mail Flow Issues
Microsoft Pulls Exchange Patches Amid Mail Flow Issues
Nov 15, 2024
|
1 Min Read
byDark Reading Staff, Dark Reading
ChatGPT, typed out on a screen
Сloud Security
ChatGPT Exposes Its Instructions, Knowledge & OS Files
ChatGPT Exposes Its Instructions, Knowledge & OS Files
Nov 15, 2024
|
1 Min Read
byNate Nelson, Contributing Writer
Concept art of chain formed from glowy blue numbers
Application Security
Lessons From OSC&R on Protecting the Software Supply Chain
Lessons From OSC&R on Protecting the Software Supply Chain
Nov 15, 2024
|
1 Min Read
byNeatsun Ziv, CEO & Co-Founder, Ox Security
a brass two-handled trophy against a red curtain in the background.
ICS/OT Security
Frenos Takes Home the Prize at 2024 DataTribe Challenge
Frenos Takes Home the Prize at 2024 DataTribe Challenge
Nov 14, 2024
|
1 Min Read
byJennifer Lawinski, Contributing Writer
Meme showing ransomware groups ignoring cloud service providers and paying attention to PHP applications
Сloud Security
Cloud Ransomware Flexes Fresh Scripts Against Web Apps
Cloud Ransomware Flexes Fresh Scripts Against Web Apps
Nov 14, 2024
|
1 Min Read
byBecky Bracken, Senior Editor, Dark Reading
Microsoft Power Pages' website, under a magnifying glass
Cybersecurity Operations
Microsoft Power Pages Leak Millions of Private Records
Microsoft Power Pages Leak Millions of Private Records
Nov 14, 2024
|
1 Min Read
byNate Nelson, Contributing Writer
A laptop screen showing a blue screen of death
Сloud Security
2 Zero-Day Bugs in Microsoft's Nov. Update Under Active Exploit
2 Zero-Day Bugs in Microsoft's Nov. Update Under Active Exploit
Nov 12, 2024
|
1 Min Read
byJai Vijayan, Contributing Writer

Editor's Choice

American and Chinese flags on computer keyboard keys
Cyberattacks & Data Breaches
CISA Issues Guidance to Telecom Sector on Salt Typhoon ThreatCISA Issues Guidance to Telecom Sector on Salt Typhoon Threat
byJai Vijayan, Contributing Writer
Dec 4, 2024
4 Min Read
Great Siege Tunnels, Gibraltar, featuring a tableau of seven cannons overlooking Spanish positions
Сloud Security
Russia's 'BlueAlpha' APT Hides in Cloudflare TunnelsRussia's 'BlueAlpha' APT Hides in Cloudflare Tunnels
byTara Seals, Managing Editor, News, Dark Reading
Dec 5, 2024
2 Min Read
Mitel's corporate logo on an office building
Vulnerabilities & Threats
Bypass Bug Revives Critical N-Day in Mitel MiCollabBypass Bug Revives Critical N-Day in Mitel MiCollab
byNate Nelson, Contributing Writer
Dec 5, 2024
4 Min Read
Reports
More Reports
Webinars
More Webinars
White Papers
More Whitepapers
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe