
The hidden costs of Java, and the impact of pricing changes
An overwhelming 98% of all the businesses surveyed use Java in their software applications or infrastructure, and 57% of those organizations indicate that Java is the backbone …

Google delivers secure open source software packages
Google has announced the Google Cloud Assured Open Source Software (Assured OSS) service, which aims to be a trusted source of secure open source packages, and the deps.dev …

CI Fuzz CLI: Open-source tool to test Java apps for unexpected behaviors
CI Fuzz CLI, the open-source Command-Line Interface (CLI) tool from Code Intelligence, now allows Java developers to easily incorporate fuzz testing into their existing JUnit …

Consumer behaviors are the root of open source risk
Sonatype unveiled its eighth annual State of the Software Supply Chain Report which, in addition to a massive surge in open source supply, demand, and malicious attacks, found …

Apache Commons Text flaw is not a repeat of Log4Shell (CVE-2022-42889)
A freshly fixed vulnerability (CVE-2022-42889) in the Apache Commons Text library has been getting attention from security researchers these last few days, worrying it could …

How to manage the intersection of Java, security and DevOps at a low complexity cost
In this Help Net Security video, Erik Costlow, Senior Director of Product Management at Azul, talks about Java centric vulnerabilities and the headache they have become for …

Spring4Shell: No need to panic, but mitigations are advised
Security teams around the world got another shock on Thursday when news of disclosure of a PoC for an unauthenticated RCE zero-day vulnerability in Spring Core, a massively …

Experts uncover Elephant Beetle, an organized financial-theft operation
Sygnia announced that it has released its comprehensive report uncovering an organized financial-theft operation it has termed Elephant Beetle. For the past two years, the …

Trojan Source bugs may lead to extensive supply-chain attacks on source code
Cambridge University researchers have detailed a new way targeted vulnerabilities can be introduced into source code while making them invisible to human code reviewers, …

Infoworks 5.0 accelerates and lowers cost of cloud migration and analytics deployment
Infoworks announced Version 5.0 – the latest release of the company’s comprehensive software solution for automated cloud migration and enterprise data operations. As …

Oracle Java 17 delivers thousands of performance and security updates
Oracle released Java 17, the latest version of the world’s number one programming language and development platform. Java 17 delivers thousands of performance, …
Granulate gProfiler provides support to Graviton processors to improve code quality
Granulate announced the latest addition to its gProfiler, which now provides support to Graviton processors. With this new addition to gProfiler, organizations running …
Featured news
Sponsored
Don't miss
- Sumo Logic discloses potential breach via compromised AWS credential
- Marina Bay Sands breach exposed data of 665,000 customers
- The 3 key stages of ransomware attacks and useful indicators of compromise
- Aqua Trivy open-source security scanner now finds Kubernetes security risks
- AI-assisted coding and its impact on developers