Communications of the ACM

Safe Coding

Safe coding is a collection of software design practices and patterns that allow for cost-effectively achieving a high degree ...

Enhancing Application Security from Code to Cloud

As businesses rely more on software to deliver products and services, it is vital to secure their applications against threats such as code injection, data breaches, and privilege escalation.
Security Boulevard

Why Every Enterprise Needs a Strong API Security Strategy?

Modern enterprises are rapidly shifting toward API-centric architectures, leveraging APIs to connect internal systems, external partners, and digital services. With 74% of organizations adopting ...
eWeek

OpenAI Discovers Mass Shooter’s Secret ChatGPT Account

Canada presses OpenAI after a mass shooting suspect evaded a ChatGPT ban, raising urgent questions about AI safety and law enforcement reporting.

How Deepfakes and Injection Attacks Are Breaking Identity Verification

Deepfakes and injection attacks are targeting identity verification moments, from onboarding to account recovery. Incode explains why enterprises must validate the full session—media, device integrity ...
SecurityWeek

900 Sangoma FreePBX Instances Infected With Web Shells

Hackers exploited CVE-2025-64328, a FreePBX command injection vulnerability, to infect hundreds of instances with web shells.

New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises

Unlike previous Wi-Fi attacks, AirSnitch exploits core features in Layers 1 and 2 and the failure to bind and synchronize a ...
Berkman Klein Center

The Promptware Kill Chain

Affiliate Bruce Schneier and coauthors argue that prompt injection attacks are the first step of a seven-step promptware kill chain.