Popular npm package hijacked, modified to deliver cryptominers
Several versions of the npm package for UA-parser.js, a widely used JavaScript library, have been modified to include malicious code and have been made available for download. …
software development
Navigating ethics in AI today to avoid regrets tomorrow
As artificial intelligence (AI) programs become more powerful and more common, organizations that use them are feeling pressure to implement ethical practices in the …
Fintech developers dissatisfied with their current roles, a major risk for their employers
Rapyd published a report conducted by 451 Research, to assess the market dynamics of fintech developers around the world. Key findings in the report include a growing demand …
How digital transformation impacted CIO and CTO roles
Transposit announced results from a recent research study about the evolving roles of the CIO and CTO, as well as the extent of and attitudes towards adoption of DevOps …
Mobile app creation: Why data privacy and compliance should be at the forefront
In today’s mobile app landscape, providing customers with the most tailored and personal experience possible is essential to edging out competitors. But creating such a …
Top tips for preventing SQL injection attacks
In the wake of the Colonial Pipeline attack and other high-profile cases, IT teams may be scrabbling to shore up their endpoint protection. But those in the developer …
The destructive power of supply chain attacks and how to secure your code
In this Help Net Security podcast, Tomislav Peričin, Chief Software Architect at ReversingLabs, explains the latest and most destructive supply chain attacks, their techniques …
Ineffective software delivery costing businesses up to $126 million per year
Businesses may be sacrificing up to $126 million in revenue per year due to ineffective software delivery, according to a CircleCI study. Surveying more than 2,000 business …
Who is responsible for improving security in the software development environment?
Venafi announced the findings of a global survey that evaluates the impact of software supply chain attacks like SolarWinds/SUNBURST, CodeCov and Kaseya/REvil on how …
Agile adoption increasing within both IT and non-IT teams
Digital.ai released a report detailing notable trends and issues in Agile adoption and practice as identified by more than 1,380 global respondents. This year’s findings …
85% of organizations are yet to hit the cloud native technologies adoption milestone
Despite high adoption rates of cloud native technologies in recent years, enterprises have yet to cross the chasm to full adoption, but they’re quickly moving in that …
Most third-party libraries are never updated after being included in a codebase
79% percent of the time, third-party libraries are never updated by developers after being included in a codebase – despite the fact that more than two thirds of fixes …