Software Security
Hackers Target Chinese With Notepad++ and Vnote Installers
In a recent revelation by cybersecurity experts at Kaspersky Labs, a concerning cyber threat has emerged targeting users of popular text editing software in China. This sophisticated attack involves the distribution of ...
CISA Adds JetBrains TeamCity Vulnerability To KEV Catalog
The US Cybersecurity and Infrastructure Security Agency (CISA) has flagged a critical JetBrains TeamCity vulnerability, emphasizing the urgent need for users to take preventive measures. The recently discovered flaw has been added ...
Synopsys Report Exposes Extent of Open Source Software Security Risks
Synopsys found 74% of 1,067 commercial codebases scanned contain open source components impacted by high-risk vulnerabilities ...
The xSPM Trend: Security Posture Management for Everything
The xSPM trend represents a holistic approach to managing and enhancing the security posture of diverse IT assets ...
Report: Cyberattacks Against Software Supply Chains Become More Targeted
Phylum found an increase in the discovery of malicious packages targeting the software supply chains of specific organizations ...
Checkmarx Report Surfaces Software Supply Chain Compromises
A Checkmarx report found 56% of attacks against software supply chains resulted in thefts of credential and confidential data ...
Google Pushes Software Security Via Rust, AI-Based Fuzzing
Google is making moves to help developers ensure that their code is secure. The IT giant this week said it is donating $1 million to the Rust Foundation to improve interoperability between ...
Protect AI Acquires Laiyer AI to Better Secure AI Models
Protect AI has acquired Laiyer AI, a provider of open source software used to protect LLMs from security threats ...
Embedding Security Into Cloud Operations: 5 Key Considerations
Cloud operations involves more than technology; it's about a culture that values agility, flexibility and continuous improvement ...
The State of Open Source Cloud-Native Security
As 2024 kicks off, here's where cloud-native supply chain security stands and what to expect in the immediate future ...