Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source – subscribe here!

Please turn on your JavaScript for this page to function normally.
programming
Low code applications are essential for cybersecurity development in applications

One of the biggest changes to the cybersecurity landscape is that developers are now often expected to implement security directly into the applications they’re building as …

Code review: How satisfied are development teams?

Code review remains the biggest influence on improving code quality with unit testing a distant second, a SmartBear survey reveals. With development teams getting larger and …

Hand
Trojan Source bugs may lead to extensive supply-chain attacks on source code

Cambridge University researchers have detailed a new way targeted vulnerabilities can be introduced into source code while making them invisible to human code reviewers, …

Code
The basics of security code review

With staffing ratios often more than 200 developers for every AppSec professional, scaling security requires increasing the developer’s engagement in securing the product. To …

GitHub
GitHub envisions a world with fewer software vulnerabilities

After five months in beta, the GitHub Code Scanning security feature has been made generally available to all users: for free for public repositories, as a paid option for …

GitHub Code Scanning
GitHub Code Scanning aims to prevent vulnerabilities in open source software

GitHub has made available two new security features for open and private repositories: code scanning (as a GitHub-native experience) and secret scanning (both still in beta). …

Security Compass
Automate manual security, risk, and compliance processes in software development

The future of business relies on being digital – but all software deployed needs to be secure and protect privacy. Yet, responsible cybersecurity gets in the way of what any …

code
Microsoft Application Inspector: Check open source components for unwanted features

Want to know what’s in an open source software component before you use it? Microsoft Application Inspector will tell you what it does and spots potentially unwanted …

Mozilla
Mozilla will use AI coding assistant to preemptively catch Firefox bugs

Mozilla will start using Clever-Commit, an AI coding assistant developed by Ubisoft, to make the Firefox code-writing process more efficient and to prevent the introduction of …

healthcare
OpenEMR vulnerabilities put patients’ info, medical records at risk

A slew of vulnerabilities in OpenEMR allowed attackers to access random patients’ health records, view data from a target database, escalate their privileges on the …

Magnify
Custom code accounts for 93% of application vulnerabilities

Although third-party software libraries represent a majority of an application’s code, they account for less than seven percent of application vulnerabilities. Typically, …

BlackDuck
Organizations are not effectively dealing with open source security threats

Black Duck conducts hundreds of open source code audits annually, primarily related to Merger & Acquisition transactions. Its Center for Open Source Research & …

Don't miss

Cybersecurity news