Security weaknesses in web-facing apps used at a large U.S. hospital could leave the facility's IT systems and sensitive ...

An analysis of more than half a million mobile applications found that nearly one in five had hardcoded encryption keys, nearly one in six used software components with known vulnerabilities, and ...

CRN’s Security 100 list of the coolest web, email and application security companies includes AI-powered vendors protecting email inboxes and web browsers along with providers of modern code security.

A widespread phishing campaign has targeted nearly 12,000 GitHub repositories with fake "Security Alert" issues, tricking developers into authorizing a malicious OAuth app that grants attackers full ...

Cybersecurity company Snyk Ltd. today announced the launch of Snyk API & Web, a new dynamic application security testing or DAST solution designed to meet the growing demands of modern and ...

Researcher warns that many .NET applications might be vulnerable to arbitrary file writes because .NET’s HTTP client proxy classes also accept non-HTTP URLs, a behavior developers are responsible to ...

Threat actors are exploiting misconfigured web applications used for security training and internal penetration testing, such as DVWA, OWASP Juice Shop, Hackazon, and bWAPP, to gain access to cloud ...

From vendors offering code security tools to those protecting inboxes and websites against attacks, here’s a look at 20 key companies in web, email and application security. As hackers continue to ...