Application Security

42% of AI-using devs say at least half of their codebase is AI-generated

Laura FrenchJune 18, 2025

Only 67% of developers said they review AI-generated code before deployment.

Today's Top AppSec Headlines

Application Security: Explained and Explored

Firewalls, Routers
Rethinking Regex: Smarter detection for a modern threat landscape
Application security
From trojans to quantum leaps: An inside look at this week’s cyber mayhem
Application security
Breaking barriers: Solving AppSec challenges in financial services
AI/ML
RSAC 2025 executive interview: Sonatype’s Brian Fox
Application security
CyberSG TIG Collaboration Centre RSAC 2025 interview: Teik Guan Tan of pQCee
Cloud Security
RASC 2025 executive interview: Oligo Security’s Gal Elbaz
Application security
RSAC 2025 executive interview: Apiiro’s Idan Plotnik
Application security
Why comprehensive scan coverage is critical for DevSecOps lifecycle success and regulatory compliance
DevSecOps
Security without speed bumps: Using WAF simulator to transform DevSecOps workflows
IoT
AI, automation, and the future of IoT security: Meeting compliance without sacrificing speed

Application Security News

Mobile banking security alert on smartphone screen

Application security

GodFather banking malware creates virtual environment on victim devices

Malware observed targeting Turkish banks and scanning nearly 500 apps globally.

Application security

Fake npm utilities remotely delete entire app directories

The malicious packages create backdoor endpoints and act as wipers when activated.

Google Chrome application icon on Apple iPhone X screen close-up. Google Chrome app icon. Google Chrome application.

Application security

Chrome extensions transmit sensitive data over HTTP, leak API keys

Security pros warn that the leaked data could be used to launch profiling, phishing, or other targeted attacks.

In a dark, textured digital space a red padlock glows atop a small black cube, symbolizing security, protection, and privacy in the world of data and technology..

Encryption and decryption: The foundation of data protection

Ensuring information remains confidential and secure is a core cybersecurity technique.

(Credit: prima91 – stock.adobe.com)

Threat Intelligence

0-click exploitation of iMessage nickname feature revealed

The now-resolved issue was potentially used to target high-profile individuals, researchers say.

(Credit: Ungureanu – stock.adobe.com)

Android trojan ‘Crocodilus’ hijacks accessibility settings for control

The malware has evolved with new features and spread globally in the past three months.

Azure developed by Microsoft

CISA warns of attacks on Commvault’s Microsoft Azure environment

CISA believes the attacks on Commvault Azure environments may be part of a larger campaign to target SaaS vendors.

(Adobe Stock)

AI that empowers: Redefining security operations excellence with AI + human expertise

Download eSentire's 10 questions to ask vendors about AI when choosing an MDR provider.

futuristic cloud computing concept. glowing cloud symbol with medical cross on a digital circuit board background. ideal for technology, healthcare, and data security projects.

Serviceaide data breach exposed info of 483K Catholic Health patients

Incident underscores impact of third-party breaches on health organizations, security experts say.

Application security

Google Calendar used as middleman for stealthy NPM malware

The malicious package also uses Unicode steganography to evade detection.

Fast Five

Selected by the SC Media Editorial team every Tuesday.

Sign up now for the top five issues cybersecurity pros need to know this week.

AppSec Events