While the specifics for security testing vary for applications, web applications, and APIs, a holistic and proactive applications security strategy is essential for all three types. There are six core types of testing that every security professional should know about to secure their applications, regardless of what phase they are in in development or deployment. […]

Lakera has raised $20 million in a Series A funding round. Led by European VC Atomico, with participation from Citi Ventures, Dropbox Ventures, and existing investors including redalpine, this investment brings Lakera’s total funding to $30 million.

Several major Russian banks were hit by DDoS attacks that disrupted their mobile apps and websites. State-owned VTB and Russian Agricultural Bank confirmed the attacks, with VTB attributing it to a foreign source.

Infisical is an open-source secret management platform used by developers to centralize application configurations and secrets like API keys and database credentials, as well as manage internal PKI.

The Braodo Stealer, a Vietnamese-based malware, is infiltrating victims’ systems to steal sensitive information like credentials and banking details for identity theft and financial harm.

Meta Platforms on Wednesday said it took steps to remove around 63,000 Instagram accounts in Nigeria that were found to target people with financial sextortion scams. “These included a smaller coordinated network of around 2,500 accounts that we were able to link to a group of around 20 individuals,” the company said. “They targeted primarily […]

The browser is the nerve center of the modern workspace. Ironically, however, the browser is also one of the least protected threat surfaces of the modern enterprise. Traditional security tools provide little protection against browser-based threats, leaving organizations exposed. Modern cybersecurity requires a new approach based on the protection of the browser itself, which offers […]

ICANN has warned the Chinese company responsible for the “.top” domain registry to improve its system for managing phishing reports or risk losing its license. “.top” was found to be a popular choice for phishing websites, behind only “.com.”