Phishing PyPI users: Attackers compromise legitimate projects to push malware
PyPI, the official third-party software repository for Python packages, is warning about a phishing campaign targeting its users. “We have additionally determined that …
How CISOs can safeguard security in CI/CD environments
DevOps is a staple at every forward-thinking organization these days. The agile development and release formula helps companies address customer issues and marketplace …
Ransomware dominates the threat landscape
Acronis researchers have concluded that ransomware continues to be the number one threat to large and medium-sized businesses, including government organizations. Nearly half …
Organizations changing cyber strategy in response to nation-state attacks
66% of organizations have changed their cybersecurity strategy as a direct response to the conflict between Russia and Ukraine, while 64% suspect their organization has been …
How attackers use and abuse Microsoft MFA
Microsoft has been pushing for the use of multi-factor authentication (MFA) to thwart attackers for many years. But threat actors are keeping up with the increasing enterprise …
Critical RCE bug in GitLab patched, update ASAP! (CVE-2022-2884)
GitLab has fixed a remote code execution vulnerability (CVE-2022-2884) affecting the Community and the Enterprise Edition of its DevOps platform, and has urged admins to …
Thoma Bravo: Securing digital identities has become a major priority
Thoma Bravo is a private equity firm with a 40+ year history, including over $114 billion in assets under management, and a focus on investing in software and technology …
Is security becoming a priority for DevOps teams?
GitLab released the results of its annual DevSecOps survey which highlights the continued prioritization of security and compliance, investment in toolchain consolidation, and …
Lean security 101: 3 tips for building your framework
Cobalt, Lazarus, MageCart, Evil, Revil — cybercrime syndicates spring up so fast it’s hard to keep track. Until they infiltrate your system. But you know what’s even more …
7 open-source malware analysis tools you should try out
There are two main types of malware analysis: static and dynamic. Performing static analysis of a malicious binary means concentrating on analyizing its code without executing …
API security incidents occur at least once a month
Postman released the results of its 2022 State of the API Report, which surveyed more than 37,000 developers and API professionals on a range of topics, including their …
DDoS attacks jump 203%, patriotic hacktivism surges
Radware released a report revealing that the number of malicious DDoS attacks climbed by 203% compared to the first six months of 2021. The report also underscores how …
Featured news
Resources
Don't miss
- Building the missing layers for an internet of agents
- What security leaders should watch for when companies buy or sell a business
- Malicious Rust packages targeted Web3 developers
- Max-severity vulnerability in React, Node.js patched, update ASAP (CVE-2025-55182)
- Smart grids are trying to modernize and attackers are treating it like an invitation