Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.
The Log4Shell vulnerability is considered to be one of the most significant software bugs in recent years, because of its severity, pervasiveness and long-lasting impact on organizations.
It’s super easy to spoof Visual Studio Code extensions. And those spoofed extensions are incredibly hard to detect.
ChatGPT and Copilot are a clear and present danger to software security. Modernize your AppSec approach today
ReversingLabs’ YARA detection rule for Black Basta can help you find this ransomware in your environment.
Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.
Machine learning can be a cognitive crutch, causing code vulnerabilities. Use with extreme caution!
Get out in front of new compliance requirements for a competitive advantage. Here's what your software organization needs to know.
Security teams should consider software supply chain risk through a new lens after the latest CircleCI incident.
Learn how your organization can reduce cyber risks (as well as operational workload and tool costs) while ensuring data and file privacy. Plus, explore how your security team can reduce MTTD and prioritize malicious files for triage.
Application security is foundational to the software supply chain security ecosystem. But it takes a village. Derek Fisher explains in this fireside chat with Matt Rose.
Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.
...
The JsonWebToken library has a flaw that could have lead to remote code execution (RCE).
Researchers compromised source code and development infrastructure for Mercedes-Benz and SiriusXM Connected Vehicle Services, raising security concerns.