developers
Complex Supply Chain Attack Targets GitHub Developers
Unidentified threat actors used multiple tactics to launch a sophisticated software supply-chain campaign targeting developers on the GitHub platform, including members of the popular Top.gg community that includes more than 170,000 members ...
Security Boulevard
Application Security Trends & Challenges with Tanya Janca
Tom Eston | Application Security, AppSec, career, Cyber Security, Cybersecurity, Data Privacy, developers, DEVOPS, DevSecOps, Digital Privacy, Episodes, hiring, Information Security, Infosec, jobs, Podcast, Podcasts, Privacy, security, Security Awareness, Security Education, Semgrep, Tanya Janca, technology, Weekly Edition, WeHackPurple
In this episode, noteworthy guest Tanya Janca returns to discuss her recent ventures and her vision for the future of Application Security. She reflects on the significant changes she has observed since ...
Unveiling BlazeStealer Malware Python Packages on PyPI
Wajahat Raja | BlazeStealer Malware, code obfuscation, Crypto-Themed npm Modules, Cyber Threats, Cybersecurity News, Cybersecurity Threat, data theft, developers, Discord Bot, Geographic Impact, Malicious Modules, open source development, Package Vetting, Phylum, Proactive Cybersecurity, PyPI, Python Packages, security breach, software supply chain security, Vigilance
In a recent revelation, a cluster of malicious Python packages has infiltrated the Python Package Index (PyPI), posing a significant threat to developers’ systems by aiming to pilfer sensitive information. These deceptive ...
GitHub Vulnerability Put Code Packages at Risk of Repojacking
A new vulnerability found in GitHub’s operations could have given bad actors another way of getting around the code hosting platform’s security protections and exposing thousands of code packages to being hijacked ...
Security Boulevard
National Cybersecurity Strategy Requires Orgs to Rethink Software Quality
Software development is a global effort, with DevOps teams often dispersed around the world. According to Statista, there will be over 27.7 million developers worldwide in 2023. That’s a lot of engineers creating ...
Security Boulevard
Augmented Software Engineering in an AI Era
Artificial Intelligence (AI) has been making waves in many industries, and software engineering is no exception. AI has the potential to revolutionize the way software is developed, tested, and maintained, bringing a ...
Debunking Three Common Threat Modeling Myths
The benefits of threat modeling are significant. Not only does it provide a systematic process for evaluating potential threats to an organization’s system, but it also creates a framework for informed decision-making, ...
Security Boulevard
LoginRadius Launches a CLI for Enterprise Dashboard
We are happy to announce that we have launched LoginRadius CLI for enterprise dashboard ...
New Contrast Learning Hub and Community Platform | Blog
The 2022 Forrester Research survey, “Breaches By The Numbers: Adapting To Regional Challenges Is Imperative,” found that 63% of organizations were breached in the past year. It also showed that attackers are ...
Facebook Doesn’t Know Where Your Data Is, New Hire Spearmishing Attack, Smart Thermostat Lock Out
Tom Eston | Cambridge Analytica, Colorado, Cybersecurity, Data Privacy, developers, Digital Privacy, ECO+, Ecobee, Engineers, Episodes, facebook, Information Security, Infosec, Nest, Podcast, Power Company, power grid, Privacy, security, Smart Thermostat, Spearmished, Spearmishing, technology, Weekly Edition, Xcel
In recent court testimony, two Facebook engineers were asked what information, precisely, Facebook stores about us, and where it is. Surprisingly, they said they don’t know. Details on how brand new ...