Please turn on your JavaScript for this page to function normally.
Microsoft launches new initiative to augment security

Nearly 22 years after Bill Gates announced a concerted Microsoft-wide push to deliver Trustworthy Computing, the company is launching the Secure Future Initiative, to boost …

North Korea
North Korean hackers are targeting software developers and impersonating IT workers

State-sponsored North Korean hackers have significantly intensified their focus on the IT sector in recent years, by infiltrating firms developing software and companies …

Steam
Valve introduces SMS-based confirmation to prevent malicious games on Steam

Video game publisher/digital distribution company Valve is forcing developers who publish games on its Steam platform to “validate” new builds with a confirmation …

open-source software
The root cause of open-source risk

2023 saw twice as many software supply chain attacks as 2019-2022 combined. Sonatype logged 245,032 malicious packages in 2023. One in eight open-source downloads today poses …

Chalk
Chalk: Open-source software security and infrastructure visibility tool

Chalk is a free, open-source tool that helps improve software security. You add a single line to your build script, and it will automatically collect and inject metadata into …

Nima Baiati
The pitfalls of neglecting security ownership at the design stage

For companies to avoid bleeding millions through cyber threats, they must build adaptability into their security strategy from the start while considering a range of inputs …

JetBrains TeamCity
Critical JetBrains TeamCity vulnerability could be exploited to launch supply chain attacks (CVE-2023-42793)

Software development firm JetBrains has fixed a critical vulnerability (CVE-2023-42793) in its TeamCity continuous integration and continuous delivery (CI/CD) solution, which …

prompt injection
Are developers giving enough thought to prompt injection threats when building code?

With National Coding Week behind us, the development community has had its annual moment of collective reflection and focus on emerging technologies that are shaping the …

biometrics
Privacy concerns cast a shadow on AI’s potential for software development

Organizations are optimistic about AI, but AI adoption requires attention to privacy and security, productivity, and training, according to GitLab. “The transformational …

Bitwarden Secrets Manager
Bitwarden launches E2EE Secrets Manager

Bitwarden, a popular open-source password management service, has released Bitwarden Secrets Manager, an open-source, end-to-end encrypted solution that helps development, IT …

Building resilience through DevSecOps

DevSecOps, short for Development, Security, and Operations, is an approach that emphasizes the integration of security practices and principles into every stage of the …

API
API tools and services are fueling revenue growth

As more companies recognize APIs as the building blocks of modern software, API tools and services are evolving to meet their needs, according to Postman. Adopting an …

Don't miss

Cybersecurity news