Application Security

Breaking news, news analysis, and expert commentary on application security, including tools & technologies.

Cute bug on a leaf
Vulnerabilities & Threats
Fortinet Addresses Unpatched Critical RCE VectorFortinet Addresses Unpatched Critical RCE Vector

Fortinet has patched CVE-2023-34990 in its Wireless LAN Manager (FortiWLM), which combined with CVE-2023-48782 could allow for unauthenticated remote code execution (RCE) and the ability to read all log files.

byTara Seals, Managing Editor, News, Dark Reading
Dec 19, 2024
|
1 Min Read
Apache's logo on a mobile phone screen
Application Security
Orgs Scramble to Fix Actively Exploited Bug in Apache Struts 2Orgs Scramble to Fix Actively Exploited Bug in Struts 2
byNate Nelson, Contributing Writer
Dec 19, 2024
1 Min Read
A redacted document with a magnifying glass and a whistle
Data Privacy
Wald.ai Launches Data Loss Protection for AI PlatformsWald.ai Launches Data Loss Protection for AI Platforms
byFahmida Y. Rashid
Dec 18, 2024
1 Min Read
PR logo
Application Security
Delinea Joins CVE Numbering Authority ProgramDelinea Joins CVE Numbering Authority Program
Dec 17, 2024
1 Min Read
A hand at a keyboard overlaid with an AI graphic
Application Security
Does Desktop AI Come With a Side of Risk?Does Desktop AI Come With a Side of Risk?
byRobert Lemos, Contributing Writer
Dec 16, 2024
1 Min Read
In Bavaria, boy driving pedal go-kart on a tiled driveway is chased by a running woman. Both are smiling. A house and trees are in the background.
Application Security
Citizen Development Moves Too Fast for Its Own GoodCitizen Development Moves Too Fast for Its Own Good
byMichael Bargury
Dec 16, 2024
1 Min Read
Elizabeth Taylor in the 1963 movie Cleopatra
Application Security
Cleo MFT Zero-Day Exploits Are About to Escalate, Analysts Warn
Cleo MFT Zero-Day Exploits Are About to Escalate
Dec 13, 2024
|
1 Min Read
byBecky Bracken, Senior Editor, Dark Reading
open-source tools
Application Security
Generative AI Security Tools Go Open Source
Generative AI Security Tools Go Open Source
Dec 13, 2024
|
1 Min Read
byRobert Lemos, Contributing Writer
A Coral AI USB accelerator
Vulnerabilities & Threats
With 'TPUXtract,' Attackers Can Steal Orgs' AI Models
With 'TPUXtract,' Attackers Can Steal Orgs' AI Models
Dec 13, 2024
|
1 Min Read
byNate Nelson, Contributing Writer
Statue of Prometheus, viewed from the back
Сloud Security
336K Prometheus Instances Exposed to DoS, 'Repojacking'
336K Prometheus Instances Exposed to DoS, 'Repojacking'
Dec 12, 2024
|
1 Min Read
byNate Nelson, Contributing Writer
Krispy Kreme doughnut assortment on plate
Cyberattacks & Data Breaches
Krispy Kreme Doughnut Delivery Gets Cooked in Cyberattack
Krispy Kreme Doughnut Delivery Gets Cooked in Cyberattack
Dec 11, 2024
|
1 Min Read
byBecky Bracken, Senior Editor, Dark Reading
A glowing purple and pink key, with dots and numbers in the background
Cyber Risk
Symmetrical Cryptography Pioneer Targets the Post-Quantum Era
Symmetrical Cryptography Pioneer Targets the Post-Quantum Era
Dec 11, 2024
|
1 Min Read
byKristina Beek, Associate Editor, Dark Reading
A woman sitting at a laptop and holding a mobile device, the screens of both displaying a green check mark in a circle
Cyberattacks & Data Breaches
Researchers Crack Microsoft Azure MFA in an Hour
Researchers Crack Microsoft Azure MFA in an Hour
Dec 11, 2024
|
1 Min Read
byElizabeth Montalbano, Contributing Writer
A patchwork quilt
Application Security
Actively Exploited Zero-Day, Critical RCEs Lead Microsoft Patch Tuesday
Microsoft Fixes Active Zero-Day, Critical RCEs on Patch Tuesday
Dec 10, 2024
|
1 Min Read
byTara Seals, Managing Editor, News, Dark Reading
The Debating Chamber of the Scottish Parliament in Holyrood, Edinburgh, Scotland
Cyberattacks & Data Breaches
Scottish Parliament TV at Risk From Deepfakes
Scottish Parliament TV at Risk From Deepfakes
Dec 10, 2024
|
1 Min Read
byKristina Beek, Associate Editor, Dark Reading
The Visual Studio Code logo
Cyberattacks & Data Breaches
Sprawling 'Operation Digital Eye' Attack Targets European IT Orgs
'Operation Digital Eye' Attack Targets European IT Orgs
Dec 10, 2024
|
1 Min Read
byNate Nelson, Contributing Writer
The words "zero-day" written in a line of code on a computer screen
Application Security
Microsoft NTLM Zero-Day to Remain Unpatched Until April
Microsoft NTLM Zero-Day to Remain Unpatched Until April
Dec 9, 2024
|
1 Min Read
byJai Vijayan, Contributing Writer
a patchwork quilt
Vulnerabilities & Threats
Google Launches Open Source Patch Validation Tool
Google Launches Open Source Patch Validation Tool
Dec 9, 2024
|
1 Min Read
byJennifer Lawinski, Contributing Writer
Still of Arnold Schwarzenegger's face from the 1990 movie Total Recall
Application Security
Microsoft Expands Access to Windows Recall AI Feature
Microsoft Expands Access to Windows Recall AI Feature
Dec 6, 2024
|
1 Min Read
byTara Seals, Managing Editor, News, Dark Reading
software components connected development
Application Security
Open Source Security Priorities Get a Reshuffle
Open Source Security Priorities Get a Reshuffle
Dec 6, 2024
|
1 Min Read
byRobert Lemos, Contributing Writer
PR Logo
Application Security
Compromised Software Code Poses New Systemic Risk to U.S. Critical Infrastructure
Compromised Software Code Poses New Systemic Risk to U.S. Critical Infrastructure
Dec 5, 2024
|
1 Min Read
DMCA logo and gavel sitting on a computer keyboard
Cyber Risk
Library of Congress Offers AI Legal Guidance to Researchers
Library of Congress Offers AI Legal Guidance to Researchers
Dec 5, 2024
|
1 Min Read
byRobert Lemos, Contributing Writer
Great Siege Tunnels, Gibraltar, featuring a tableau of seven cannons overlooking Spanish positions
Сloud Security
Russia's 'BlueAlpha' APT Hides in Cloudflare Tunnels
Russia's 'BlueAlpha' APT Hides in Cloudflare Tunnels
Dec 5, 2024
|
1 Min Read
byTara Seals, Managing Editor, News, Dark Reading
Mitel's corporate logo on an office building
Vulnerabilities & Threats
Bypass Bug Revives Critical N-Day in Mitel MiCollab
Bypass Bug Revives Critical N-Day in Mitel MiCollab
Dec 5, 2024
|
1 Min Read
byNate Nelson, Contributing Writer
PR Logo
Application Security
Onapsis Expands Code Security Capabilities to Accelerate and De-Risk SAP BTP Development Projects
Onapsis Expands Code Security Capabilities to Accelerate and De-Risk SAP BTP Development Projects
Dec 4, 2024
|
1 Min Read
A magnifying glass hovering over the Veeam logo on its webpage
Vulnerabilities & Threats
Veeam Urges Updates After Discovering Critical Vulnerability
Veeam Urges Updates After Discovering Critical Vulnerability
Dec 4, 2024
|
1 Min Read
byKristina Beek, Associate Editor, Dark Reading
Concept illustration of a content delivery network on a world map
Application Security
Misconfigured WAFs Heighten DoS, Breach Risks
Misconfigured WAFs Heighten DoS, Breach Risks
Dec 3, 2024
|
1 Min Read
byJai Vijayan, Contributing Writer
Two hands typing on a laptop's keyboard, with a digital overlay
Threat Intelligence
Ransomware Gangs Seek Pen Testers to Boost Quality
Ransomware Gangs Seek Pen Testers to Boost Quality
Nov 29, 2024
|
1 Min Read
byRobert Lemos, Contributing Writer
A blue credit card on a fish hook being dangled above a computer keyboard
Application Security
Sneaky Skimmer Malware Targets Magento Sites Ahead of Black Friday
Sneaky Skimmer Malware Targets Magento Sites Ahead of Black Friday
Nov 27, 2024
|
1 Min Read
byElizabeth Montalbano, Contributing Writer
Chris Wysopal at Dark Reading News Desk at Black Hat USA 2024
Application Security
News Desk 2024: Can GenAI Write Secure Code?
News Desk 2024: Can GenAI Write Secure Code?
Nov 27, 2024
byBecky Bracken, Senior Editor, Dark Reading
Hands holing and working a tablet, overlaid with charts
Application Security
Israel Defies VC Downturn With More Cybersecurity Investments
Israel Defies VC Downturn With More Cybersecurity Investments
Nov 27, 2024
|
1 Min Read
byRobert Lemos, Contributing Writer
A still from the famous orgasm scene in "When Harry Met Sally"
Application Security
'RomCom' APT Mounts Zero-Day, Zero-Click Browser Escapes in Firefox, Tor
'RomCom' APT Mounts Zero-Day, Zero-Click Browser Escapes
Nov 26, 2024
|
1 Min Read
byNate Nelson, Contributing Writer
Hooded figures on the Chinese flag cover with code
Application Security
Salt Typhoon Builds Out Malware Arsenal With GhostSpider
Salt Typhoon Builds Out Malware Arsenal With GhostSpider
Nov 26, 2024
|
1 Min Read
byNate Nelson, Contributing Writer
Images of nonfungible tokens clustered together on a screen with an index finger hovering above as if to press on one
Application Security
OpenSea Phishers Aim to Drain Crypto Wallets of NFT Enthusiasts
OpenSea NFT Phishers Aim to Drain Crypto Wallets
Nov 26, 2024
|
1 Min Read
byElizabeth Montalbano, Contributing Writer
PR logo
Application Security
CyCognito Report Highlights Rising Cybersecurity Risks in Holiday E-Commerce
CyCognito Report Highlights Rising Cybersecurity Risks in Holiday E-Commerce
Nov 26, 2024
|
1 Min Read

Editor's Choice

A woman sitting at a laptop and holding a mobile device, the screens of both displaying a green check mark in a circle
Cyberattacks & Data Breaches
Researchers Crack Microsoft Azure MFA in an HourResearchers Crack Microsoft Azure MFA in an Hour
byElizabeth Montalbano, Contributing Writer
Dec 11, 2024
4 Min Read
The words "zero-day" written in a line of code on a computer screen
Application Security
Microsoft NTLM Zero-Day to Remain Unpatched Until AprilMicrosoft NTLM Zero-Day to Remain Unpatched Until April
byJai Vijayan, Contributing Writer
Dec 9, 2024
3 Min Read
A patchwork quilt
Application Security
Actively Exploited Zero-Day, Critical RCEs Lead Microsoft Patch TuesdayMicrosoft Fixes Active Zero-Day, Critical RCEs on Patch Tuesday
byTara Seals, Managing Editor, News, Dark Reading
Dec 10, 2024
5 Min Read
Reports
More Reports
Webinars
More Webinars
White Papers
More Whitepapers
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe