software
The Linux Foundation’s Census of OSS app libraries helps prioritize security work
The Linux Foundation announced the final release of “Census II of Free and Open Source Software – Application Libraries,” which identifies more than one thousand of the …
Attackers used Dridex to deliver Entropy ransomware, code resemblance uncovered
Sophos released a research that details code similarities in the general purpose Dridex botnet and the little-known ransomware, Entropy. The similarities are in the software …
Software supply chain security still a pain point
ActiveState announced the results of its survey, providing insights into the security challenges of the software industry’s open source supply chain, which includes the …
Tackling supply chain security head-on
Threats against supply chains are growing and the reality is that the size, cost, and sophistication of these threats make it difficult for anyone organization to control or …
Supply chain shortages create a cybersecurity nightmare
The White House has recently issued alerts noting that many manufacturers suffer from disrupted supply chains, and rebuilding supply chains is a major priority. Some analysts …
Kali Linux 2022.1 released: New tools, kali-linux-everything, visual changes
Offensive Security has released Kali Linux 2022.1, the latest version of its popular open source penetration testing platform. Visually refreshed and with improved usability …
The importance of implementing security scanning in the software development lifecycle
Veracode published a research that finds most applications are now scanned around three times a week, compared to just two or three times a year a decade ago. This represents …
78% of organizations expect to produce or consume SBOMs in 2022
The Linux Foundation announced the availability of the first in a series of research projects to understand the challenges and opportunities for securing software supply …
Preventing software security vulnerabilities with automation
A team of UTSA researchers is exploring how a new automated approach could prevent software security vulnerabilities. The team sought to develop a deep learning model that …
How threat actors are using npm to launch attacks
WhiteSource released a threat report based on malicious activity found in npm, the most popular JavaScript package manager used by developers worldwide. The report is based on …
Product showcase: Cybellum’s Product Security Lifecycle Platform
Automotive, medical device and industrial equipment manufacturers are building critical devices we all rely on – from the cars we use to commute, the equipment that …
Healthcare industry most common victim of third-party breaches last year
Black Kite released its annual Third-Party Breach Report, which examines the impact of third-party cyber breaches in 2021. Ransomware was the most common attack method behind …
Featured news
Resources
Don't miss
- NTLM relay attacks are back from the dead
- Africa’s cybersecurity crisis and the push to mobilizing communities to safeguard a digital future
- Google open-sources privacy tech for age verification
- You can’t trust AI chatbots not to serve you phishing pages, malicious downloads, or bad code
- Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309)