Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.
ConversingLabs caught up with Srinivasan to discuss how OpenSSF's Security Scorecard can aid developers in assessing open source software components for their projects.
Bad actors are finding secrets across the supply chain. Here are the key attack methods — and what's needed to prevent them.
Cl0p quietly tested the flaw for two years before launching the full exploit. Lesson: Look both ways before crossing.
Software vendors that do business with the government must prove they are practicing basic supply chain security. Here's a rundown on the requirements.
Firmware attacks can pose a substantial risk to the software supply chain. Here's what your software security team can learn from the latest compromise.
Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.
ReversingLabs Field CISO Matt Rose explains the difference between application security hacks and software supply chain hacks.
Compiled-code behavior analysis beats old-skool app sec tools.
Your security operations team should be planning how to stay ahead of these emerging AI risks.
ConversingLabs caught up with Chris Romeo of Kerr Ventures at RSA Conference 2023 to talk about the state of application security. Watch (or listen) — and learn.
Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security
The ReversingLabs research team has identified a novel attack on PyPI using compiled Python code to evade detection — possibly the first attack to take advantage of PYC file direct execution.
Experts warn ChatGPT-based coding could do to us what an asteroid did to the dinosaurs. Hype — or heads-up to reckon with?
Nvidia's tool is among the first to promise to manage the risk from generative AI. Here's what it can do — and an analysis of the scope of risk from AI.