application-security

Trapdoor ad fraud campaign used hundreds of Android apps

• application-security

Trapdoor ad fraud campaign used hundreds of Android apps

SC Staff May 22, 2026

The Trapdoor campaign initially distributed seemingly legitimate utility apps, such as PDF readers, through the Google Play...

Read More Read more about Trapdoor ad fraud campaign used hundreds of Android apps

APIs under pressure: How AI is rewriting the rules of enterprise security

• aiml
• application-security
• risk-identificationclassificationmitigation

APIs under pressure: How AI is rewriting the rules of enterprise security

Paul Wagenseil May 20, 2026

The rapid growth of AI has created an explosion of APIs that will require new techniques to...

Read More Read more about APIs under pressure: How AI is rewriting the rules of enterprise security

The blind spot in AI security: Resilience for model and training data

• ai-benefitsrisks
• aiml
• application-security

The blind spot in AI security: Resilience for model and training data

Chris Mierzwa May 15, 2026

AI resilience, not speed alone, will decide which enterprises survive AI-era breaches.

Read More Read more about The blind spot in AI security: Resilience for model and training data

Axios breach shows why software supply chains need zero trust

• application-security
• third-party-code

Axios breach shows why software supply chains need zero trust

Oludolamu Onimole May 14, 2026

The axios breach shows trusted identities, not code flaws, now drive supply chain attacks.

Read More Read more about Axios breach shows why software supply chains need zero trust

Trusted by default: The npm attack pattern security teams miss

• application-security
• third-party-code

Trusted by default: The npm attack pattern security teams miss

Mohit Bansal May 13, 2026

Developers are now the prime target in evolving npm supply chain attacks.

Read More Read more about Trusted by default: The npm attack pattern security teams miss

‘Mini’ Shai-Hulud attack compromises hundreds of npm, PyPI packages

• application-security
• decentralized-identity-and-verifiable-credentials
• identity
• supply-chain

‘Mini’ Shai-Hulud attack compromises hundreds of npm, PyPI packages

Steve Zurier May 12, 2026

Teams warn the latest Shai-Hulud wave weaponizes trusted OIDC tokens to bypass package integrity checks.

Read More Read more about ‘Mini’ Shai-Hulud attack compromises hundreds of npm, PyPI packages

Why Basic Security Practices Still Work – Rob Allen – ASW #382

• ai-benefitsrisks
• application-security
• ransomware

Why Basic Security Practices Still Work – Rob Allen – ASW #382

Mike Shema May 12, 2026

Read More Read more about Why Basic Security Practices Still Work – Rob Allen – ASW #382

SailPoint GitHub repo hit by third-party cyberattack

• application-security
• decentralized-identity-and-verifiable-credentials
• identity
• supply-chain

SailPoint GitHub repo hit by third-party cyberattack

Steve Zurier May 11, 2026

SailPoint says GitHub repo breach exposed no customer data or production systems.

Read More Read more about SailPoint GitHub repo hit by third-party cyberattack

Smartphone users increasingly forgo paid antivirus protection

• application-security

Smartphone users increasingly forgo paid antivirus protection

SC Staff May 11, 2026

A recent survey by Cybernews indicates that only 18% of mobile phone users in America pay for...

Read More Read more about Smartphone users increasingly forgo paid antivirus protection

Google removes 28 fraudulent apps from Play Store

• application-security

Google removes 28 fraudulent apps from Play Store

SC Staff May 11, 2026

Security researchers at ESET uncovered the malicious campaign, dubbed CallPhantom, which primarily targeted users in India, indicated...

Read More Read more about Google removes 28 fraudulent apps from Play Store