Escape raises $18M to expand AI agent platform for offensive security testing

Offensive security engineering platform startup Escape Technologies SAS announced today that it has raised $18 million in new funding to expand its artificial intelligence-agent security platform, ...

OpenAI to acquire Promptfoo to expand AI application testing capabilities

Founded in 2024, Promptfoo began as an open-source framework for evaluating AI prompts and model behavior. It later expanded into a commercial platform used by developers and enterprise security teams ...

Enhancing Application Security from Code to Cloud

As businesses rely more on software to deliver products and services, it is vital to secure their applications against threats such as code injection, data breaches, and privilege escalation.
InfoWorld

Three web security blind spots in mobile DevSecOps pipelines

Mobile platforms operate under fundamentally different trust assumptions than we relied on for web security. Your mobile pipeline could be missing these threats.
Bleeping Computer

What 5 Million Apps Revealed About Secrets in JavaScript

Leaked API keys are nothing new, but the scale of the problem in front-end code has been largely a mystery - until now. Intruder’s research team built a new secrets detection method and scanned 5 ...
Microsoft

Case study: Securing AI application supply chains

The rapid adoption of AI applications, including agents, orchestrators, and autonomous workflows, represents a significant shift in how software systems are built and operated. Unlike traditional ...
Bleeping Computer

Hackers exploit security testing apps to breach Fortune 500 firms

Threat actors are exploiting misconfigured web applications used for security training and internal penetration testing, such as DVWA, OWASP Juice Shop, Hackazon, and bWAPP, to gain access to cloud ...
The Hacker News

Why Secrets in JavaScript Bundles are Still Being Missed

Leaked API keys are no longer unusual, nor are the breaches that follow. So why are sensitive tokens still being so easily exposed? To find out, Intruder’s research team looked at what traditional ...
9to5Mac

Apple releases iOS 26.3 security test for beta users, details here [U: New update]

If you’re running the iOS 26.3 beta, Apple has just released a new security update you can install. But there’s a catch: rather than including fixes, the update is simply testing out a new system.
tech-critter.com

Aikido vs SonarQube: Code Quality vs Full-Stack Application Security

Writing clean, bug-free code is a point of pride for any developer. For decades, tools that measure code quality have been a staple of the software development lifecycle, helping teams eliminate bugs, ...
The Cincinnati Enquirer

Application Security Code and Protecting the Digital Heart of Today’s Business

Applications play a vital role in handling transactions, data, and regular tasks. When systems link to other tools and cloud platforms, the chances of attackers finding vulnerabilities increase. Even ...