Application Security

Breaking news, news analysis, and expert commentary on application security, including tools & technologies.

Toys left in sandbox of empty playground
Application Security
Critical Open Source vm2 Sandbox Escape Bug Affects MillionsCritical Open Source vm2 Sandbox Escape Bug Affects Millions

Attackers could exploit the "Sandbreak" security bug, which has earned a 10 out of 10 on the CVSS scale, to execute a sandbox escape, achieve RCE, and run shell commands on a hosting machine.

byElizabeth Montalbano, Contributing Writer
Oct 11, 2022
|
1 Min Read
thumbnail
Application Security
LofyGang Uses 100s of Malicious NPM Packages to Poison Open Source SoftwareLofyGang Uses 100s of Malicious NPM Packages to Poison Open Source Software
byNathan Eddy, Contributing Writer
Oct 7, 2022
1 Min Read
Image of an Apple laptop
Application Security
macOS Archive Utility Bug Lets Malicious Apps Bypass Security ChecksmacOS Archive Utility Bug Lets Malicious Apps Bypass Security Checks
byDark Reading Staff
Oct 6, 2022
1 Min Read
thumbnail
Application Security
Contrast Security Launches Expanded Security Testing Tools for JavaScript and Popular Angular, React, and jQuery FrameworksContrast Security Launches Expanded Security Testing Tools for JavaScript and Popular Angular, React, and jQuery Frameworks
Oct 6, 2022
1 Min Read
Woman adjusting lights with app on tablet
Application Security
Ikea Smart Light System Flaw Lets Attackers Turn Bulbs on Full BlastIkea Smart Light System Flaw Lets Attackers Turn Bulbs on Full Blast
byDark Reading Staff
Oct 5, 2022
1 Min Read
thumbnail
Sponsored Content
Secure Your Application Layer, Secure Your BusinessSecure Your Application Layer, Secure Your Business
Oct 5, 2022
1 Min Read
Red paper with a torn out hole and the words common mistakes against a white background is visible.
Application Security
The Top 4 Mistakes in Security Programs to Avoid
The Top 4 Mistakes in Security Programs to Avoid
Sep 30, 2022
|
1 Min Read
+1
byChris Kirk, Anthony Petitoand 1 more
laptop open with microsoft exchange logo displayed on screen
Application Security
Microsoft Confirms Pair of Blindsiding Exchange Zero-Days, No Patch Yet
Microsoft Confirms Pair of Blindsiding Exchange Zero-Days, No Patch Yet
Sep 30, 2022
|
1 Min Read
byTara Seals, Managing Editor, News, Dark Reading
Application Security
Safous Adds Browser Isolation to Its Zero-Trust Network Access Service
Safous Adds Browser Isolation to Its Zero-Trust Network Access Service
Sep 30, 2022
|
1 Min Read
Application Security
Latest Delinea Update Streamlines DevOps Security
Latest Delinea Update Streamlines DevOps Security
Sep 29, 2022
|
1 Min Read
Application Security
Pathlock Expands SAP Capabilities with Acquisition of Grey Monarch
Pathlock Expands SAP Capabilities with Acquisition of Grey Monarch
Sep 29, 2022
|
1 Min Read
Image of screen displaying chrome browser home page
Application Security
Google Quashes 5 High-Severity Bugs With Chrome 106 Update
Google Quashes 5 High-Severity Bugs With Chrome 106 Update
Sep 28, 2022
|
1 Min Read
byDark Reading Staff
Illustration of a hand reaching out to a glowing glass panel with DevOps displayed on it, along with various icons
Application Security
Google Cloud DORA: Securing the Supply Chain Begins With Culture
Google Cloud DORA: Securing the Supply Chain Begins With Culture
Sep 28, 2022
|
1 Min Read
byRobert Lemos, Contributing Writer
mergers and acquisitions concept image
Application Security
Despite Recession Jitters, M&A Dominates a Robust Cybersecurity Market
Despite Recession Jitters, M&A Dominates a Robust Cybersecurity Market
Sep 26, 2022
|
1 Min Read
byJai Vijayan, Contributing Writer
Microsoft 365 icons on a laptop that's sitting on a table
Application Security
Cyberattackers Compromise Microsoft Exchange Servers via Malicious OAuth Apps
Cyberattackers Compromise Microsoft Exchange Servers via Malicious OAuth Apps
Sep 23, 2022
|
1 Min Read
byNathan Eddy, Contributing Writer
red npm logo printed on paper
Application Security
Malicious npm Package Poses as Tailwind Tool
Malicious npm Package Poses as Tailwind Tool
Sep 22, 2022
|
1 Min Read
byElizabeth Montalbano, Contributing Writer
Application Security
StackHawk Launches Deeper API Security Test Coverage to Improve the Security of APIs
StackHawk Launches Deeper API Security Test Coverage to Improve the Security of APIs
Sep 22, 2022
|
1 Min Read
Gold coins with cryptocurrency logos on them
Application Security
Wintermute DeFi Platform Offers Hacker a Cut in $160M Crypto-Heist
Wintermute DeFi Platform Offers Hacker a Cut in $160M Crypto-Heist
Sep 21, 2022
|
1 Min Read
byTara Seals, Managing Editor, News, Dark Reading
storefront in london with spy shop sign
Application Security
Sophisticated Hermit Mobile Spyware Heralds Wave of Government Surveillance
Sophisticated Hermit Mobile Spyware Heralds Wave of Government Surveillance
Sep 21, 2022
|
1 Min Read
byTara Seals, Managing Editor, News, Dark Reading
Generic cybersecurity art
Application Security
Data Scientists Dial Back Use of Open Source Code Due to Security Worries
Data Scientists Dial Back Use of Open Source Code Due to Security Worries
Sep 21, 2022
|
1 Min Read
byRobert Lemos, Contributing Writer
python snake coiled up
Application Security
15-Year-Old Python Flaw Slithers into Software Worldwide
15-Year-Old Python Flaw Slithers into Software Worldwide
Sep 21, 2022
|
1 Min Read
byElizabeth Montalbano, Contributing Writer
Google Chrome icon on computer desktop
Application Security
Spell-Checking in Google Chrome, Microsoft Edge Browsers Leaks Passwords
Spell-Checking in Google Chrome, Microsoft Edge Browsers Leaks Passwords
Sep 20, 2022
|
1 Min Read
byElizabeth Montalbano, Contributing Writer
Ransomware alert on laptop screen
Application Security
Survey Shows CISOs Losing Confidence in Ability to Stop Ransomware Attacks
Survey Shows CISOs Losing Confidence in Ability to Stop Ransomware Attacks
Sep 20, 2022
|
1 Min Read
byDark Reading Staff
Application Security
Invicti Security and ESG Report on How Companies are Shifting for Higher Quality, Secure Application Code
Invicti Security and ESG Report on How Companies are Shifting for Higher Quality, Secure Application Code
Sep 20, 2022
|
1 Min Read
a green heart with 0 and 1 inside showing resilience
Application Security
5 Steps to Strengthening Cyber Resilience
5 Steps to Strengthening Cyber Resilience
Sep 19, 2022
|
1 Min Read
byMicrosoft Security
Image of the white house and Washington monument
Application Security
White House Guidance Recommends SBOMs for Federal Agencies
White House Guidance Recommends SBOMs for Federal Agencies
Sep 14, 2022
|
1 Min Read
byDark Reading Staff
Sponsored Content
Report Highlights Prevalence of Software Supply Chain Risks
Report Highlights Prevalence of Software Supply Chain Risks
Sep 12, 2022
|
1 Min Read
GDPR privacy regulation logo
Application Security
Meta to Appeal $400M GDPR Fine for Mishandling Teen Data in Instagram
Meta to Appeal $400M GDPR Fine for Mishandling Teen Data in Instagram
Sep 8, 2022
|
1 Min Read
byDark Reading Staff
The word linux floats on a dark background
Application Security
Defenders Be Prepared: Cyberattacks Surge Against Linux Amid Cloud Migration
Defenders Be Prepared: Cyberattacks Surge Against Linux Amid Cloud Migration
Sep 6, 2022
|
1 Min Read
byJai Vijayan, Contributing Writer
software programming code on computer screen
Application Security
Threat Actor Phishing PyPI Users Identified
Threat Actor Phishing PyPI Users Identified
Sep 1, 2022
|
1 Min Read
byJai Vijayan, Contributing Writer
DevSecOps concept art
Application Security
How DevSecOps Empowers Citizen Developers
How DevSecOps Empowers Citizen Developers
Aug 26, 2022
|
1 Min Read
byDaniel Riedel
Application Security
Capital One Joins Open Source Security Foundation
Capital One Joins Open Source Security Foundation
Aug 26, 2022
|
1 Min Read
Close up of a Burmese python coiled up
Application Security
One-Third of Popular PyPI Packages Mistakenly Flagged as Malicious
One-Third of Popular PyPI Packages Mistakenly Flagged as Malicious
Aug 23, 2022
|
1 Min Read
byRobert Lemos, Contributing Writer
logo in a gray background |
Application Security
Secureworks: How To Distinguish Hype From Reality With AI in SecOps
Secureworks: How To Distinguish Hype From Reality With AI in SecOps
Aug 22, 2022
byDark Reading Staff
Application Security
Which Security Bugs Will Be Exploited? Researchers Create an ML Model to Find Out
Which Security Bugs Will Be Exploited? Researchers Create an ML Model to Find Out
Aug 18, 2022
|
1 Min Read
byRobert Lemos, Contributing Writer

Editor's Choice

Pegasus Spyware concept with binary code background
Endpoint Security
WhatsApp: NSO Group Operates Pegasus Spyware for CustomersWhatsApp: NSO Group Operates Pegasus Spyware for Customers
byJai Vijayan, Contributing Writer
Nov 18, 2024
4 Min Read
Laptop with Palo Alto networks logo
Cyberattacks & Data Breaches
Palo Alto Networks Patches Critical Zero-Day Firewall BugPalo Alto Networks Patches Critical Zero-Day Firewall Bug
byBecky Bracken, Senior Editor, Dark Reading
Nov 18, 2024
3 Min Read
ChatGPT, typed out on a screen
Сloud Security
ChatGPT Exposes Its Instructions, Knowledge & OS FilesChatGPT Exposes Its Instructions, Knowledge & OS Files
byNate Nelson, Contributing Writer
Nov 15, 2024
4 Min Read
Reports
More Reports
Webinars
More Webinars
White Papers
More Whitepapers
Events
More Events
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe