Guardrails Make AI-Assisted Development Safer By Design
AI coding assistants are rapidly becoming part of everyday software development. From generating boilerplate code to suggesting entire dependency...
software
When One Vulnerability Breaks the Internet and Millions of Devices Join In
The final weeks of 2025 did not arrive quietly. A single software flaw rippled across the internet, healthcare providers disclosed deeply...
Cracked Software and YouTube Videos Spread CountLoader and GachiLoader Malware
Cybersecurity researchers have disclosed details of a new campaign that has used cracked software distribution sites as a distribution vector...
The WAF must die – some interesting thoughts – FireTail Blog
A recent posting by Dr. Chase Cunningham from Ericom Software on LinkedIn took an interesting view on web application...
The WAF must die – some interesting thoughts – FireTail Blog
A recent posting by Dr. Chase Cunningham from Ericom Software on LinkedIn took an interesting view on web application...
The WAF must die – some interesting thoughts – FireTail Blog
A recent posting by Dr. Chase Cunningham from Ericom Software on LinkedIn took an interesting view on web application...
I am not a robot: ClickFix used to deploy StealC and Qilin
ClickFix is an increasingly common tactic used by threat actors to install malicious software on victims’ devices. It has gone...
I am not a robot: ClickFix used to deploy StealC and Qilin
ClickFix is an increasingly common tactic used by threat actors to install malicious software on victims’ devices. It has gone...
CISA Flags Critical ASUS Live Update Flaw After Evidence of Active Exploitation
Dec 18, 2025Ravie LakshmananVulnerability / Software Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical...
Why Data Security and Privacy Need to Start in Code
AI-assisted coding and AI app generation platforms have created an unprecedented surge in software development. Companies are now facing rapid...
FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE
Dec 15, 2025Ravie LakshmananVulnerability / Software Security Multiple security vulnerabilities have been disclosed in the open-source private branch exchange (PBX)...
Chinese Hackers Have Started Exploiting the Newly Disclosed React2Shell Vulnerability
Dec 05, 2025Ravie LakshmananVulnerability / Software Security Two hacking groups with ties to China have been observed weaponizing the newly...
Speed Without Breach: Engineering the Controls for AI-Driven Software
Speed Without Breach: Engineering the Controls for AI-Driven Software As AI accelerates software delivery, unguarded use introduces avoidable risks; secrets...
Malicious npm Package Uses Hidden Prompt and Script to Evade AI Security Tools
Dec 02, 2025Ravie LakshmananAI Security / Software Supply Chain Cybersecurity researchers have disclosed details of an npm package that attempts...
4 New AppSec Requirements in the Age of AI
Get details on 4 new AppSec requirements in the AI-led software development era. We all know AI is transforming...
