An unidentified group of threat actors orchestrated a sophisticated supply chain cyberattack on members of the Top.gg GitHub organization as well as individual developers...
The Network Resilience Coalition issued recommendations intended to improve network security infrastructure by reducing vulnerabilities created by outdated and improperly configured software and hardware. NRC members,...
Things to know: – December 14th, 2023, Ledger experienced an exploit on Ledger Connect Kit, a JavaScript library to connect Web sites to wallets. – The...
COMMENTARY: After Log4j, software supply chains are under more scrutiny for security issues. The US government mandated software bills of materials (SBOMs) for federal software...
PRESS RELEASE: Orlando, FL, December 11, 2023 – Fortress Information Security (Fortress) and CodeSecure today announced a partnership to offer new capabilities to map open-source software components and find...
PRESS RELEASE: SAN FRANCISCO, Dec. 06, 2023 (GLOBE NEWSWIRE) -- Cycode, the leader in Application Security Posture Management (ASPM), today announced the inaugural State of ASPM 2024...
Data breaches are becoming much more common these days. PC Magazine reports that 422 million people were affected by data breaches last year. Preliminary...
The official open source code repository for the Python programming language, the Python Package Index (PyPI), will require all user accounts to enable two-factor...
A baker's dozen of packages hosted on the NuGet repository for .NET software developers are actually malicious Trojan components that will compromise the installation...
IBM has contributed two open source supply chain tools — SBOM Utility and License Scanner — to the Open Worldwide Application Security Project (OWASP)...