application-security

The hidden risk in hybrid IT: Fragmented vulnerability management

• ai-benefitsrisks
• aiml
• application-security
• security-operations
• soc

The hidden risk in hybrid IT: Fragmented vulnerability management

Srikant Sreenivasan May 7, 2026

Hybrid IT and AI expand attack surfaces, making continuous, context-aware risk management essential.

Read More Read more about The hidden risk in hybrid IT: Fragmented vulnerability management

Most security pros say managing identity has become a major challenge

• ai-benefitsrisks
• aiml
• application-security
• decentralized-identity-and-verifiable-credentials
• iam-technologies
• identity

Most security pros say managing identity has become a major challenge

Steve Zurier May 6, 2026

Nearly 9 in 10 security leaders struggle with identity sprawl as AI and NHIs expose governance gaps....

Read More Read more about Most security pros say managing identity has become a major challenge

DHS mobile device security falls short of standards, inspector general report finds

• application-security
• security-operations

DHS mobile device security falls short of standards, inspector general report finds

SC Staff May 6, 2026

The Department of Homeland Security's inspector general report found that over three-quarters of the 650 mobile apps...

Read More Read more about DHS mobile device security falls short of standards, inspector general report finds

After the identity fix: MCP’s confused deputy problem

• ai-benefitsrisks
• aiml
• application-security

After the identity fix: MCP’s confused deputy problem

Nik Kale May 6, 2026

AI agents can act as “confused deputies,” executing actions users never intended.

Read More Read more about After the identity fix: MCP’s confused deputy problem

Internal threats now pose the biggest risk to companies

• application-security
• data-security
• risk-assessmentsmanagement

Internal threats now pose the biggest risk to companies

SC Staff May 5, 2026

New data from Orange Cyberdefense reveals that internal threats have escalated to 57%, surpassing external threats for...

Read More Read more about Internal threats now pose the biggest risk to companies

Keeping Up With the OWASP GenAI Project – Scott Clinton – ASW #381

• aiml
• application-security
• generative-ai

Keeping Up With the OWASP GenAI Project – Scott Clinton – ASW #381

Mike Shema May 5, 2026

Read More Read more about Keeping Up With the OWASP GenAI Project – Scott Clinton – ASW #381

Telegram mini apps used in large-scale crypto scams and malware distribution

• application-security
• malware
• phishing

Telegram mini apps used in large-scale crypto scams and malware distribution

SC Staff May 4, 2026

The FEMITBOT platform facilitates various scams, including fake cryptocurrency, financial services, AI tools, and streaming sites.

Read More Read more about Telegram mini apps used in large-scale crypto scams and malware distribution

‘Copy Fail’ bug can obtain root privileges in Linux distributions since 2017

• ai-benefitsrisks
• aiml
• application-security
• network-security

‘Copy Fail’ bug can obtain root privileges in Linux distributions since 2017

Steve Zurier April 30, 2026

AI-found Linux flaw enables easy root access, heightening risk across cloud and shared systems.

Read More Read more about ‘Copy Fail’ bug can obtain root privileges in Linux distributions since 2017

LiteLLM exploited within 36 hours of disclosure via SQL injection bug

• aiml
• application-security
• devsecops
• generative-ai

LiteLLM exploited within 36 hours of disclosure via SQL injection bug

Steve Zurier April 29, 2026

Latest case was the second time in five weeks the Python package was exploited.

Read More Read more about LiteLLM exploited within 36 hours of disclosure via SQL injection bug

GlassWorm attackers activate new ‘sleeper’ extensions on Open VSX

• application-security
• malware
• ransomware
• supply-chain
• threat-intelligence
• threat-management

GlassWorm attackers activate new ‘sleeper’ extensions on Open VSX

Laura French April 28, 2026

A new cluster of 73 extensions impersonating legitimate projects has been tied to the GlassWorm campaign.

Read More Read more about GlassWorm attackers activate new ‘sleeper’ extensions on Open VSX