software development

Securing open-source code supply chains may help prevent the next big cyberattack
The headline-making supply chain attack on SolarWinds late last year sent a shock wave through the security community and had many CISOs and security leaders asking: “Is my …

Malicious Python packages employ advanced detection evasion techniques
JFrog researchers have discovered 11 malicious Python packages on PyPI, the official third-party package repository for Python, which have been collectively downloaded over …

Lack of API visibility undermines basic principle of security
One of the oldest principles of security is that you cannot secure what you cannot see. Visibility has always been the starting place for monitoring and protecting attack …

GitHub fixed serious npm registry vulnerability, will mandate 2FA use for certain accounts
GitHub has fixed a serious vulnerability that would have allowed attackers to publish new, malicious versions of any existing package on the npm registry. About the fixed …

Illuminating the path: Compliance as the key to security-by-design
Like taxes or going to the dentist, compliance is one of those topics that people often don’t like to contemplate. There are many reasons for the distaste but this …

What is challenging secure application development?
A Censuswide report reveals the biggest security challenges that application security (AppSec) managers and software developers are facing within their organizations in …

5G and edge computing will lead an app development revolution
A ResearchAndMarkets report evaluates the outlook for 5G technology, infrastructure, devices, applications, and services. The report also assesses the technologies, …

Software development: Why security and constant vigilance are everyone’s responsibilities
A report from May 2021 has found that 81% of developers admit to knowingly releasing vulnerable apps, and 76% experienced pressure to sacrifice mobile security for …

Organizations making security trade-offs in the push to innovate
The vast majority of organizations are increasing their investment in application security this year, but they continue to struggle to fully embrace secure innovation. A …

Popular npm package hijacked, modified to deliver cryptominers
Several versions of the npm package for UA-parser.js, a widely used JavaScript library, have been modified to include malicious code and have been made available for download. …

Navigating ethics in AI today to avoid regrets tomorrow
As artificial intelligence (AI) programs become more powerful and more common, organizations that use them are feeling pressure to implement ethical practices in the …

Fintech developers dissatisfied with their current roles, a major risk for their employers
Rapyd published a report conducted by 451 Research to assess the market dynamics of fintech developers around the world. Key findings in the report include a growing demand …