Alphabet’s DeepMind brings us AlphaCode — another AI code-generating parlor trick. And, just like its large language model cousins, it can spit out buggy code.
Read More about Ahoy! More insecure code washes ashore with AlphaCode
Read More about How deep scanning protects your data in the cloud
Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.
Read More about The Week in Security: Software supply chain attack mines diamond industry, npm security boosted
Conversational AI language model ChatGPT can write code. But is it any good?
Read More about ChatGPT: Parlor trick or Stack Overflow replacement?
Here are the key elements of Executive Order 14028, and software supply chain security guidance from the Enduring Security Framework working group.
Read More about New supply chain mandates: Uncle Sam wants you (to secure your software)!
Read More about Log4j one year in: Vulnerability fuels attacks — and a new urgency for software supply chain security
Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.
Read More about The Week in Security: Docker Hub leaks secrets, Black Basta ransomware gangs up on retailer
Days after researchers for Phylum and Checkmarx revealed an ongoing software supply chain attack spreading the W4SP Stealer malware through malicious packages on the Python Package Index (PyPI), ReversingLabs researchers discovered 10 additional PyPI packages pushing modified versions of W4SP that were overlooked.
Read More about W4SP continues to nest in PyPI: Same supply chain attack, different distribution method
ReversingLabs Malware Researcher Joseph Edwards takes a deep dive into ZetaNile, a set of open-source software trojans being used by Lazarus/ZINC.
Read More about ZetaNile: Open source software trojans from North Korea
Read More about Meta’s GDPR fine: Why your DevOps needs red teaming
Software supply chain attacks are on the rise because of their reach. Here are 10 valuable lessons from the recent GitHub namespace attack.
Read More about GitHub repojacking attack: 10 lessons for software teams
A rash of small businesses on Facebook found their accounts locked after being hacked. And it’s impossible to contact Meta to get the problem fixed.
Read More about Your support must scale: Don’t be like Meta, dev teams
GitOps can help control configuration drift and enable your infrastructure security to shift left, for starters. Here are four ways it can enable better software security.
Read More about 4 ways GitOps can help secure your software pipeline
ReversingLabs Cloud Deep Scan can help organizations quickly identify threats in their AWS file shares and storage. Here are the key features.
Read More about Introducing ReversingLabs Cloud Deep Scan, Protection for Your Cloud File Shares
Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.
Read More about The Week in Security: Disguised Russian software used in U.S. Army, CDC applications