Application Security

The attack targets Android devices and starts with a malicious SMS message that aims to bring malware onto compromised d...

Contrast's platform detects and prevents against OWASP Top Ten risks from development to production with out-of-the-box ...

The cyber espionage group has a custom backdoor and has added the ProxyLogon Microsoft Exchange flaw to its toolkit.

One of the iOS vulnerabilities was discovered by Citizen Lab; the Google Threat Analysis Group reported iOS and macOS fl...

Researchers claim to have accessed hundreds of thousands of Windows credentials using a bug in the Autodiscover protocol...

A new survey from Forrester and VMware finds more than half of developers still think security gets in the way.

Hacker-turned-entrepreneur Marc Maiffret reflects on his past few years "embedded" with enterprise security teams and ho...

A new survey finds most shoppers will stop a transaction if asked for too much personal information or to complete many ...

Patches for dependencies are trickling up through the open source ecosystem faster than ever — a good thing because atta...

Starting in December, Google will expand its "permissions auto-reset feature" to devices using Android 6.0 and higher.

F5 Networks plans to combine its application and API security tools with Threat Stack's cloud protection capabilities.

The Open Web Application Security Project reshuffles its list of top threats, putting broken access controls and cryptog...

Users can now delete passwords from their Microsoft account and instead use Windows Hello, Microsoft Authenticator, or p...

Neosec, founded by the security experts behind LightCyber, aims to bring principles from extended detection and response...

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.