Crypto group ushers in post-quantum security
Here’s a look at the Ethereum Foundation’s new PQC security effort — and why you need to modernize your SecOps.
Featured
Crypto group ushers in post-quantum security
OpenClaw lesson: AI agents are a black hole
AI agents create novel attack surfaces and control issues that require rethinking assumptions — and AppSec tooling.
How to Examine Polyglot Files with Spectra Analyze
Here's how to assess a sample using Spectra Analyze in your environment — and create a YARA rule.
Latest
Crypto group ushers in post-quantum security
Here’s a look at the Ethereum Foundation’s new PQC security effort — and why you need to modernize your SecOps.
OpenClaw lesson: AI agents are a black hole
AI agents create novel attack surfaces and control issues that require rethinking assumptions — and AppSec tooling.
How to Examine Polyglot Files with Spectra Analyze
Here's how to assess a sample using Spectra Analyze in your environment — and create a YARA rule.
Make Your SBOMs Actionable with PURLs
Learn how Package URLs improve vulnerability matching, which reduces alert fatigue and simplifies compliance.
OWASP adopts DockSec: Why it matters
OWASP has adopted the container security tool to slow information overload. Here’s what you need to know.
OpenClaw and AI risk: 3 AppSec lessons
The OpenClaw saga is a case study on the threat from agentic AI, showing how it increases software risk.
Claude Code Security: The pros and cons
The new tool is a step forward on AI coding risk — but it trips on modern threats because it looks only at source code.
AI-native AppSec: What it is — and why it matters
AI coding is a game-changer — and requires AI-powered application security to fight fire with fire.
BSIMM16 confirms: AI redefines AppSec
AI coding is the new reality — and it will further destabilize software supply chain security. So step up your AppSec.
Inside the NuGet hackers' toolset
RL discovered two packages containing scripts that complete a typosquatting toolchain. Here's how it worked.
Malicious NuGet package targets Stripe
Threat actors targeted developers with a bogus package — a shift away from the recent crypto development hack focus.
How AI agents upend supply chain security
Here’s what you need to know about their impact on software security — and what you can do to fight back.
Cybercrime-as-a-service forces a security rethink
With AI-powered tools readily available, sophisticated attacks no longer require sophisticated attackers.
How to Use YARA Retrohunting for Defense
Learn how to use RL’s analysis of "pkr_mtsi" to advance your detection engineering in Spectra Analyze.
Commercial software risk: New controls required
Legacy strategies and tooling can’t manage today’s software threats. Here’s why binary analysis is necessary.