software development
![cloud](https://img.helpnetsecurity.com/wp-content/uploads/2018/07/09100640/cloud-400x200.jpg)
50% of apps will not be migrated to the cloud
66% of businesses face difficulty in integrating and managing apps across third-party environments, while IT leaders also claim that over the next three years 50% of …
![](https://img.helpnetsecurity.com/wp-content/uploads/2019/10/09092935/iterm2-400x200.jpg)
Critical command execution vulnerability in iTerm2 patched, upgrade ASAP!
A critical vulnerability (CVE-2019-9535) in iTerm2, a macOS terminal emulator frequently used by developers and system administrators, could allow attackers to take control of …
![DevOps](https://img.helpnetsecurity.com/wp-content/uploads/2019/09/09093110/DevOps-1-400x200.jpg)
Adopting DevOps practices leads to improved security posture
A strong DevOps culture based on collaboration and sharing across teams leads to an improved security posture, according to Puppet. Twenty-two percent of the firms at the …
![bot](https://img.helpnetsecurity.com/wp-content/uploads/2018/10/09095917/bot-400x200.jpg)
BotSlayer tool can detect coordinated disinformation campaigns in real time
BotSlayer, a new tool in the fight against online disinformation developed by Indiana University’s Observatory on Social Media, has been launched. The …
![RubyGems](https://img.helpnetsecurity.com/wp-content/uploads/2019/08/09093545/rubygems-400x200.jpg)
Backdoored Ruby gems stole credentials, injected cryptomining code
The compromise of several older versions of a popular Ruby software package (aka a Ruby “gem”) has led to the discovery of a more widespread effort to inject …
![lock](https://img.helpnetsecurity.com/wp-content/uploads/2018/08/09100459/lock-400x200.jpg)
Protecting iOS and Android applications in a fully automated way
In this Help Net Security podcast recorded at Black Hat USA 2019, Dave Belt, Technology Evangelist at Irdeto, and Jaco du Plooy, VP Cloakware at Irdeto, discuss the current …
![editor](https://img.helpnetsecurity.com/wp-content/uploads/2018/03/09101601/editor2-400x200.jpg)
Securing modern web apps: A case for framework-aware SAST
If you were to write a web application entirely by yourself, it would be a rather daunting task. You would need to write the UI elements from lower-level APIs, set up and …
![Python](https://img.helpnetsecurity.com/wp-content/uploads/2018/10/09100057/python-400x200.jpg)
Malicious Python packages found on PyPI
Researchers have uncovered another batch of malicious Python libraries hosted on Python Package Index (PyPI). PyPI is the official third-party software …
![connection](https://img.helpnetsecurity.com/wp-content/uploads/2017/03/09104856/connection-400x200.jpg)
To benefit from DevOps implementation, security and dev teams must communicate better
Despite the enterprise benefits assured by adopting a DevOps culture, the majority of IT leaders believe communication between IT security and software development must …
![open source](https://img.helpnetsecurity.com/wp-content/uploads/2019/05/09094431/open-400x200.png)
1 in 10 open source components downloaded in 2018 had a known security vulnerability
This year’s Sonatype report reveals the best practices exhibited by exemplary open source software projects and commercial application development teams. As in years past, it …
![Twitter](https://img.helpnetsecurity.com/wp-content/uploads/2018/05/09101156/twitter-400x200.jpg)
Researchers develop app to detect Twitter bots in any language
Thanks to fruitful collaboration between language scholars and machine learning specialists, a new application that can detect Twitter bots independent of the language used …
![GitHub](https://img.helpnetsecurity.com/wp-content/uploads/2016/06/09112128/github-400x200.jpg)
GitHub introduces Dependabot-powered automated security fixes
GitHub, the largest code-hosting site in the world, has announced many new features and changes at the 2019 GitHub Satellite conference that took place last week in Berlin. …