Application Security

Raven Emerges From Stealth With $20 Million in Funding

Raven Emerges From Stealth With $20 Million in Funding 2026-03-19 at 13:32 By Ionut Arghire Raven’s platform observes applications at runtime to detect anomalous behavior and prevent cyberattacks. The post Raven Emerges From Stealth With $20 Million in Funding appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Raven Emerges From Stealth With $20 Million in Funding Read More »

ENISA advisory examines package manager security risks

ENISA advisory examines package manager security risks 2026-03-12 at 15:24 By Anamarija Pogorelec Developers install external libraries with a single command, and that step can introduce more code than expected into a project environment. Dependency resolution inside package managers extends software supply chains across large collections of external components. ENISA’s Technical Advisory for Secure Use

ENISA advisory examines package manager security risks Read More »

AI-driven DAST reduces manual setup and surfaces exploitable vulnerabilities

AI-driven DAST reduces manual setup and surfaces exploitable vulnerabilities 2026-02-26 at 07:35 By Mirko Zorz In this Help Net Security interview, Joni Klippert, CEO at StackHawk, discusses what defines DAST coverage in 2026 and why scan completion does not equal security. She explains how AI-driven DAST testing automates attack surface discovery, supports business-logic testing in

AI-driven DAST reduces manual setup and surfaces exploitable vulnerabilities Read More »

VS Code Configs Expose GitHub Codespaces to Attacks

VS Code Configs Expose GitHub Codespaces to Attacks 2026-02-05 at 16:59 By Ionut Arghire VS Code-integrated configuration files are automatically executed in Codespaces when the user opens a repository or pull request. The post VS Code Configs Expose GitHub Codespaces to Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

VS Code Configs Expose GitHub Codespaces to Attacks Read More »

Rein Security Emerges From Stealth With $8M, Bringing Inside-Out AppSec Approach

Rein Security Emerges From Stealth With $8M, Bringing Inside-Out AppSec Approach 2026-01-28 at 15:16 By Kevin Townsend Rein aims to close the production visibility gap by stopping attacks inside the application runtime. The post Rein Security Emerges From Stealth With $8M, Bringing Inside-Out AppSec Approach appeared first on SecurityWeek. This article is an excerpt from

Rein Security Emerges From Stealth With $8M, Bringing Inside-Out AppSec Approach Read More »

Cyber Insights 2026: API Security – Harder to Secure, Impossible to Ignore

Cyber Insights 2026: API Security – Harder to Secure, Impossible to Ignore 2026-01-21 at 14:15 By Kevin Townsend API cybersecurity will be a ping pong ball, battered between the rackets of AI-assisted attackers and AI-assisted defenders. The post Cyber Insights 2026: API Security – Harder to Secure, Impossible to Ignore appeared first on SecurityWeek. This

Cyber Insights 2026: API Security – Harder to Secure, Impossible to Ignore Read More »

Vibe Coding Tested: AI Agents Nail SQLi but Fail Miserably on Security Controls

Vibe Coding Tested: AI Agents Nail SQLi but Fail Miserably on Security Controls 2026-01-15 at 19:38 By Kevin Townsend Vibe coding generates a curate’s egg program: good in parts, but the bad parts affect the whole program. The post Vibe Coding Tested: AI Agents Nail SQLi but Fail Miserably on Security Controls appeared first on

Vibe Coding Tested: AI Agents Nail SQLi but Fail Miserably on Security Controls Read More »

Aikido Security Raises $60 Million at $1 Billion Valuation

Aikido Security Raises $60 Million at $1 Billion Valuation 2026-01-14 at 20:40 By Eduard Kovacs The developer security company has raised a total of more than $84 million in funding. The post Aikido Security Raises $60 Million at $1 Billion Valuation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Aikido Security Raises $60 Million at $1 Billion Valuation Read More »

How AI agents are turning security inside-out

How AI agents are turning security inside-out 2026-01-09 at 09:30 By Help Net Security AppSec teams have spent the last decade hardening externally facing applications, API security, software supply chain risk, CI/CD controls, and cloud-native attack paths. But a growing class of security threats is emerging from a largely underestimated and undefended source: internally built

How AI agents are turning security inside-out Read More »

Shai-Hulud Supply Chain Attack Led to $8.5 Million Trust Wallet Heist

Shai-Hulud Supply Chain Attack Led to $8.5 Million Trust Wallet Heist 2025-12-31 at 14:09 By Ionut Arghire The worm exposed Trust Wallet’s Developer GitHub secrets, allowing attackers to publish a backdoor extension and steal funds from 2,520 wallets. The post Shai-Hulud Supply Chain Attack Led to $8.5 Million Trust Wallet Heist appeared first on SecurityWeek.

Shai-Hulud Supply Chain Attack Led to $8.5 Million Trust Wallet Heist Read More »

More than half of public vulnerabilities bypass leading WAFs

More than half of public vulnerabilities bypass leading WAFs 2025-12-18 at 13:42 By Help Net Security Miggo Security has released a new report that examines how web application firewalls are used across real-world security programs. The research outlines the role WAFs play as foundational infrastructure and evaluates their effectiveness against critical vulnerabilities, CVEs, and AI-driven

More than half of public vulnerabilities bypass leading WAFs Read More »

MITRE Releases 2025 List of Top 25 Most Dangerous Software Vulnerabilities

MITRE Releases 2025 List of Top 25 Most Dangerous Software Vulnerabilities 2025-12-12 at 14:04 By Ionut Arghire XSS remains the top software weakness, followed by SQL injection and CSRF. Buffer overflow issues and improper access control make it to top 25. The post MITRE Releases 2025 List of Top 25 Most Dangerous Software Vulnerabilities appeared

MITRE Releases 2025 List of Top 25 Most Dangerous Software Vulnerabilities Read More »

React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability

React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability 2025-12-04 at 12:11 By Eduard Kovacs A researcher has pointed out that only instances using a newer feature are impacted by CVE-2025-55182. The post React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability Read More »

Clover Security Raises $36 Million to Secure Software by Design

Clover Security Raises $36 Million to Secure Software by Design 2025-11-26 at 16:30 By Ionut Arghire The cybersecurity startup embeds AI agents into widely used tools to identify design flaws and eliminate them early. The post Clover Security Raises $36 Million to Secure Software by Design appeared first on SecurityWeek. This article is an excerpt

Clover Security Raises $36 Million to Secure Software by Design Read More »

Amazon Detects 150,000 NPM Packages in Worm-Powered Campaign 

Amazon Detects 150,000 NPM Packages in Worm-Powered Campaign  2025-11-14 at 12:40 By Ionut Arghire A financially motivated threat actor automated the package publishing process in a coordinated tea.xyz token farming campaign. The post Amazon Detects 150,000 NPM Packages in Worm-Powered Campaign  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Amazon Detects 150,000 NPM Packages in Worm-Powered Campaign  Read More »

Two New Web Application Risk Categories Added to OWASP Top 10

Two New Web Application Risk Categories Added to OWASP Top 10 2025-11-10 at 15:21 By Ionut Arghire OWASP has added two new categories to the revised version of its Top 10 list of the most critical risks to web applications. The post Two New Web Application Risk Categories Added to OWASP Top 10 appeared first

Two New Web Application Risk Categories Added to OWASP Top 10 Read More »

GlassWorm Malware Returns to Open VSX, Emerges on GitHub

GlassWorm Malware Returns to Open VSX, Emerges on GitHub 2025-11-10 at 14:46 By Ionut Arghire Three more VS Code extensions were infected last week and the malware has emerged in GitHub repositories as well. The post GlassWorm Malware Returns to Open VSX, Emerges on GitHub appeared first on SecurityWeek. This article is an excerpt from

GlassWorm Malware Returns to Open VSX, Emerges on GitHub Read More »

Critical Flaw in Popular React Native NPM Package Exposes Developers to Attacks

Critical Flaw in Popular React Native NPM Package Exposes Developers to Attacks 2025-11-04 at 18:39 By Eduard Kovacs Arbitrary command/code execution has been demonstrated through the exploitation of CVE-2025-11953 on Windows, macOS and Linux.  The post Critical Flaw in Popular React Native NPM Package Exposes Developers to Attacks appeared first on SecurityWeek. This article is

Critical Flaw in Popular React Native NPM Package Exposes Developers to Attacks Read More »

Bugcrowd Acquires Application Security Firm Mayhem

Bugcrowd Acquires Application Security Firm Mayhem 2025-11-04 at 15:32 By Eduard Kovacs Bugcrowd said the acquisition of Mayhem has nearly doubled its valuation — previously reported at over $1 billion. The post Bugcrowd Acquires Application Security Firm Mayhem appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Bugcrowd Acquires Application Security Firm Mayhem Read More »

Financial services can’t shake security debt

Financial services can’t shake security debt 2025-11-04 at 07:30 By Anamarija Pogorelec In financial services, application security risk is becoming a long game. Fewer flaws appear in new code, but old ones linger longer, creating a kind of software “interest” that keeps growing, according to Veracode’s 2025 State of Software Security report. Researchers analyzed data

Financial services can’t shake security debt Read More »

Scroll to Top