Application Security

Breaking news, news analysis, and expert commentary on application security, including tools & technologies.

Elizabeth Taylor in the 1963 movie Cleopatra
Application Security
Cleo MFT Zero-Day Exploits Are About Escalate, Analysts WarnCleo MFT Zero-Day Exploits Are About Escalate

Defenders running the Cleo managed file transfer are urged to be on the lookout for the Cleopatra backdoor and other indicators of an ongoing ransomware campaign, as patching details remain foggy, and no CVE has been issued.

byBecky Bracken, Senior Editor, Dark Reading
Dec 13, 2024
|
1 Min Read
open-source tools
Application Security
Generative AI Security Tools Go Open SourceGenerative AI Security Tools Go Open Source
byRobert Lemos, Contributing Writer
Dec 13, 2024
1 Min Read
A Coral AI USB accelerator
Vulnerabilities & Threats
With 'TPUXtract,' Attackers Can Steal Orgs' AI ModelsWith 'TPUXtract,' Attackers Can Steal Orgs' AI Models
byNate Nelson, Contributing Writer
Dec 13, 2024
1 Min Read
Statue of Prometheus, viewed from the back
Сloud Security
336K Prometheus Instances Exposed to DoS, 'Repojacking'336K Prometheus Instances Exposed to DoS, 'Repojacking'
byNate Nelson, Contributing Writer
Dec 12, 2024
1 Min Read
Krispy Kreme doughnut assortment on plate
Cyberattacks & Data Breaches
Krispy Kreme Doughnut Delivery Gets Cooked in CyberattackKrispy Kreme Doughnut Delivery Gets Cooked in Cyberattack
byBecky Bracken, Senior Editor, Dark Reading
Dec 11, 2024
1 Min Read
A glowing purple and pink key, with dots and numbers in the background
Cyber Risk
Symmetrical Cryptography Pioneer Targets the Post-Quantum EraSymmetrical Cryptography Pioneer Targets the Post-Quantum Era
byKristina Beek, Associate Editor, Dark Reading
Dec 11, 2024
1 Min Read
A woman sitting at a laptop and holding a mobile device, the screens of both displaying a green check mark in a circle
Cyberattacks & Data Breaches
Researchers Crack Microsoft Azure MFA in an Hour
Researchers Crack Microsoft Azure MFA in an Hour
Dec 11, 2024
|
1 Min Read
byElizabeth Montalbano, Contributing Writer
A patchwork quilt
Application Security
Actively Exploited Zero-Day, Critical RCEs Lead Microsoft Patch Tuesday
Microsoft Fixes Active Zero-Day, Critical RCEs on Patch Tuesday
Dec 10, 2024
|
1 Min Read
byTara Seals, Managing Editor, News, Dark Reading
The Debating Chamber of the Scottish Parliament in Holyrood, Edinburgh, Scotland
Cyberattacks & Data Breaches
Scottish Parliament TV at Risk From Deepfakes
Scottish Parliament TV at Risk From Deepfakes
Dec 10, 2024
|
1 Min Read
byKristina Beek, Associate Editor, Dark Reading
The Visual Studio Code logo
Cyberattacks & Data Breaches
Sprawling 'Operation Digital Eye' Attack Targets European IT Orgs
'Operation Digital Eye' Attack Targets European IT Orgs
Dec 10, 2024
|
1 Min Read
byNate Nelson, Contributing Writer
The words "zero-day" written in a line of code on a computer screen
Application Security
Microsoft NTLM Zero-Day to Remain Unpatched Until April
Microsoft NTLM Zero-Day to Remain Unpatched Until April
Dec 9, 2024
|
1 Min Read
byJai Vijayan, Contributing Writer
a patchwork quilt
Vulnerabilities & Threats
Google Launches Open Source Patch Validation Tool
Google Launches Open Source Patch Validation Tool
Dec 9, 2024
|
1 Min Read
byJennifer Lawinski, Contributing Writer
Still of Arnold Schwarzenegger's face from the 1990 movie Total Recall
Application Security
Microsoft Expands Access to Windows Recall AI Feature
Microsoft Expands Access to Windows Recall AI Feature
Dec 6, 2024
|
1 Min Read
byTara Seals, Managing Editor, News, Dark Reading
software components connected development
Application Security
Open Source Security Priorities Get a Reshuffle
Open Source Security Priorities Get a Reshuffle
Dec 6, 2024
|
1 Min Read
byRobert Lemos, Contributing Writer
PR Logo
Application Security
Compromised Software Code Poses New Systemic Risk to U.S. Critical Infrastructure
Compromised Software Code Poses New Systemic Risk to U.S. Critical Infrastructure
Dec 5, 2024
|
1 Min Read
DMCA logo and gavel sitting on a computer keyboard
Cyber Risk
Library of Congress Offers AI Legal Guidance to Researchers
Library of Congress Offers AI Legal Guidance to Researchers
Dec 5, 2024
|
1 Min Read
byRobert Lemos, Contributing Writer
Great Siege Tunnels, Gibraltar, featuring a tableau of seven cannons overlooking Spanish positions
Сloud Security
Russia's 'BlueAlpha' APT Hides in Cloudflare Tunnels
Russia's 'BlueAlpha' APT Hides in Cloudflare Tunnels
Dec 5, 2024
|
1 Min Read
byTara Seals, Managing Editor, News, Dark Reading
Mitel's corporate logo on an office building
Vulnerabilities & Threats
Bypass Bug Revives Critical N-Day in Mitel MiCollab
Bypass Bug Revives Critical N-Day in Mitel MiCollab
Dec 5, 2024
|
1 Min Read
byNate Nelson, Contributing Writer
PR Logo
Application Security
Onapsis Expands Code Security Capabilities to Accelerate and De-Risk SAP BTP Development Projects
Onapsis Expands Code Security Capabilities to Accelerate and De-Risk SAP BTP Development Projects
Dec 4, 2024
|
1 Min Read
A magnifying glass hovering over the Veeam logo on its webpage
Vulnerabilities & Threats
Veeam Urges Updates After Discovering Critical Vulnerability
Veeam Urges Updates After Discovering Critical Vulnerability
Dec 4, 2024
|
1 Min Read
byKristina Beek, Associate Editor, Dark Reading
Concept illustration of a content delivery network on a world map
Application Security
Misconfigured WAFs Heighten DoS, Breach Risks
Misconfigured WAFs Heighten DoS, Breach Risks
Dec 3, 2024
|
1 Min Read
byJai Vijayan, Contributing Writer
Two hands typing on a laptop's keyboard, with a digital overlay
Threat Intelligence
Ransomware Gangs Seek Pen Testers to Boost Quality
Ransomware Gangs Seek Pen Testers to Boost Quality
Nov 29, 2024
|
1 Min Read
byRobert Lemos, Contributing Writer
A blue credit card on a fish hook being dangled above a computer keyboard
Application Security
Sneaky Skimmer Malware Targets Magento Sites Ahead of Black Friday
Sneaky Skimmer Malware Targets Magento Sites Ahead of Black Friday
Nov 27, 2024
|
1 Min Read
byElizabeth Montalbano, Contributing Writer
Chris Wysopal at Dark Reading News Desk at Black Hat USA 2024
Application Security
News Desk 2024: Can GenAI Write Secure Code?
News Desk 2024: Can GenAI Write Secure Code?
Nov 27, 2024
byBecky Bracken, Senior Editor, Dark Reading
Hands holing and working a tablet, overlaid with charts
Application Security
Israel Defies VC Downturn With More Cybersecurity Investments
Israel Defies VC Downturn With More Cybersecurity Investments
Nov 27, 2024
|
1 Min Read
byRobert Lemos, Contributing Writer
A still from the famous orgasm scene in "When Harry Met Sally"
Application Security
'RomCom' APT Mounts Zero-Day, Zero-Click Browser Escapes in Firefox, Tor
'RomCom' APT Mounts Zero-Day, Zero-Click Browser Escapes
Nov 26, 2024
|
1 Min Read
byNate Nelson, Contributing Writer
Hooded figures on the Chinese flag cover with code
Application Security
Salt Typhoon Builds Out Malware Arsenal With GhostSpider
Salt Typhoon Builds Out Malware Arsenal With GhostSpider
Nov 26, 2024
|
1 Min Read
byNate Nelson, Contributing Writer
Images of nonfungible tokens clustered together on a screen with an index finger hovering above as if to press on one
Application Security
OpenSea Phishers Aim to Drain Crypto Wallets of NFT Enthusiasts
OpenSea NFT Phishers Aim to Drain Crypto Wallets
Nov 26, 2024
|
1 Min Read
byElizabeth Montalbano, Contributing Writer
PR logo
Application Security
CyCognito Report Highlights Rising Cybersecurity Risks in Holiday E-Commerce
CyCognito Report Highlights Rising Cybersecurity Risks in Holiday E-Commerce
Nov 26, 2024
|
1 Min Read
The app logos for ChatGPT and Claude
Application Security
Faux ChatGPT, Claude API Packages Deliver JarkaStealer
Faux ChatGPT, Claude API Packages Deliver JarkaStealer
Nov 22, 2024
|
1 Min Read
byNate Nelson, Contributing Writer
puzzle pieces with combination lock to represent secure coding practices
Application Security
MITRE: Cross-Site Scripting Is 2024's Most Dangerous Software Weakness
MITRE: Cross-Site Scripting Is 2024's Most Dangerous Software Weakness
Nov 21, 2024
|
1 Min Read
byBecky Bracken, Senior Editor, Dark Reading
Green globe showing Africa
Cyber Risk
African Reliance on Foreign Suppliers Boosts Insecurity Concerns
African Reliance on Foreign Suppliers Boosts Insecurity Concerns
Nov 20, 2024
|
1 Min Read
byRobert Lemos, Contributing Writer
a view of a classroom in a school with tables and assignments on bulletin boards
Application Security
SWEEPS Educational Initiative Offers Application Security Training
SWEEPS Educational Initiative Offers Application Security Training
Nov 20, 2024
|
1 Min Read
byJennifer Lawinski, Contributing Writer
Words reading "Penetration test" on a blue screen
Vulnerabilities & Threats
Russian-Speaking Ransomware Gangs on the Hunt for Pen Testers
Russian-Speaking Ransomware Gangs on the Hunt for Pen Testers
Nov 19, 2024
|
1 Min Read
byDark Reading Staff, Dark Reading
Department of Homeland Security Logo has an eagle in the middle of the seal
Сloud Security
DHS Releases Secure AI Framework for Critical Infrastructure
DHS Releases Secure AI Framework for Critical Infrastructure
Nov 18, 2024
|
1 Min Read
byDark Reading Staff, Dark Reading

Editor's Choice

A woman sitting at a laptop and holding a mobile device, the screens of both displaying a green check mark in a circle
Cyberattacks & Data Breaches
Researchers Crack Microsoft Azure MFA in an HourResearchers Crack Microsoft Azure MFA in an Hour
byElizabeth Montalbano, Contributing Writer
Dec 11, 2024
4 Min Read
The words "zero-day" written in a line of code on a computer screen
Application Security
Microsoft NTLM Zero-Day to Remain Unpatched Until AprilMicrosoft NTLM Zero-Day to Remain Unpatched Until April
byJai Vijayan, Contributing Writer
Dec 9, 2024
3 Min Read
A patchwork quilt
Application Security
Actively Exploited Zero-Day, Critical RCEs Lead Microsoft Patch TuesdayMicrosoft Fixes Active Zero-Day, Critical RCEs on Patch Tuesday
byTara Seals, Managing Editor, News, Dark Reading
Dec 10, 2024
5 Min Read
Reports
More Reports
Webinars
More Webinars
White Papers
More Whitepapers
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe