Robert Grupe's AppSecNewsBits

Robert Grupe's AppSecNewsBits 2025-05-03

Highlights:"You can't lick a badger twice", xAI secrets exposure, MFA fails & protections, Microsoft allows sign ins with revoked passwords, Oracle causes days outage, Juice-Hajacking device charging, AI generated code vulnerabilities, Air-Play vulnerabilities, and much more ...

Apr 26, 2025

Robert Grupe's AppSecNewsBits 2025-04-25

This Week’s Highlights: Pedestrian crosswalk hacking craze, WorkComper and health care data breaches, SSL.com certificates, M&S, Microsoft & SAP fumbles, vulnerability exploits within hours with AI, AI exploits, DOGE data exfiltration methods, and more ...

Apr 19, 2025

Robert Grupe's AppSecNewsBits 2025-04-19

Oracle, 4chan, Hertz, Landmark Admin, NTLM, ActiveX EOL, AI SupportBot inventing policies blocking customers, Security incident disclosures and stronger regulatory compliance requirements, and more ...

Apr 12, 2025

Robert Grupe's AppSecNewsBits 2025-04-12

Lame List & Highlights: VibeScamming, Slopsquatting, Signalgate personal contacts fumble, AI deepfakes, supply chain attacks, Microsoft Update Outages, Oracle denials, OCC undetected hack for over a year, and more ...

Apr 05, 2025

Robert Grupe's AppSecNewsBits 2025-04-04

Highlights This Week: Oracle, Europcar, Samsung, Coinbase, AU Pension Funds attacks, Fast Flux, AI passes Turing Test?, and more ...

Mar 29, 2025

Robert Grupe's AppSecNewsBits 2025-03-29

Highlights This Week: Microsoft DNS hijacked, Oracle denying recent breaches, JFK files release exposed sensitive PII, Madison Square Gardens customer bans, React Next.js, AI attacks, ...

Mar 22, 2025

Robert Grupe's AppSecNewsBits 2025-03-22

Highlights This Week: tj-actions, sensitive info in emails, Apache Tomcat, Microsoft, AI attack chains, PCI and HIPAA updates, ...

Mar 15, 2025

Robert Grupe's AppSecNewsBits 2025-03-16

Highlights This Week: Chromecast, HP Printers, Microsoft, unencrypted sensitive data, AI going everywhere and still failing ...

Mar 08, 2025

Robert Grupe's AppSecNewsBits 2025-03-08

This week's Lame List: secrets in logs, SSDLC without separation of duties, bad coding, vulnerable legacy applications, unencrypted data, unmanaged devices, AI deep fakes, ... the usual

Mar 01, 2025

Robert Grupe's AppSecNewsBits 2025-03-01

Highlights This Week: Tracking Apple phones and laptops by Bluetooth, Mitre insecure app; AI data leaks & malevolence; dumb lawyers – again; robotics horror

Feb 22, 2025

Robert Grupe's AppSecNewsBits 2025-02-22

Highlights This Week: New crypto attack record, enterprise network compromised in 48-minutes, Heath Care cyber security fails, data protection fails, new OWASP Top 10 for Non-Human Identities, AI, Lawsuits

Feb 15, 2025

Robert Grupe's AppSecNewsBits 2025-02-15

This week's Lame List: Auto Infotainment Adverts, PostgreSQL arbitrary code execution, unreliability of LLMs, NPM supply chain attack, device code phishing, bankjacking

First Back

1 2 3 4 5 6

Next Last