April 21, 2023
The surprising story of the supply chain hack of VoIP provider 3CX got even crazier this week. Here's what your application security team needs to know.
April 20, 2023
The new ReversingLabs Software Supply Chain Risk Survey found that supply chain security poses a serious risk that traditional app sec tools can't address.
April 18, 2023
There is so much to take in at RSAC. Cut through the noise with our list of threat-focused talks you don't want to miss.
April 4, 2023
The compromise was limited to their app. But there's a bigger lesson: Supply chain security complacency comes with a cost.
March 21, 2023
Software secrets are targeted by malicious actors. Here are three key steps to mitigate risk, and best practices you can follow to prevent future breaches.
March 14, 2023
Here’s how attackers are finding software development secrets buried in code repositories — and exploiting them.
February 23, 2023
The CircleCI breach and other recent hacks expose why the secrets problem is so prolific. Learn the why in this first post in our Secrets Revealed series.
February 8, 2023
A researcher discovered a JsonWebToken flaw in a Toyota app that gave access to corporate user accounts, as well as suppliers — and even Toyota parts.
January 26, 2023
This week: GoTo says its 2022 breach was worse than reported, also affecting LastPass. Also: A hacktivist finds FBI No Fly list on an unsecured server.
January 11, 2023
In this latest attack on software development environments, the CircleCI platform may have exposed secrets used by millions of software developers.
January 11, 2023
Researchers compromised source code and development infrastructure for Mercedes-Benz and SiriusXM Connected Vehicle Services, raising security concerns.
December 7, 2022
Here are the key elements of Executive Order 14028, and software supply chain security guidance from the Enduring Security Framework working group.