AI vulnerability reporting fails maintainers
Google and others are inundating developers with AI-driven reporting. Are AI-enabled fixes the answer?
Featured
AI vulnerability reporting fails maintainers
MITRE ATT&CK v18: What’s in it — and why it matters
Learn what’s been added to the framework — and how you can use it to advance your threat detection and response.
Vet PowerShell Modules with Spectra Assure Community
PowerShell's broad use and open access make it an attractive target for supply chain attacks. Here's how Spectra Assure Community can help.
Latest
Vet PowerShell Modules with Spectra Assure Community
PowerShell's broad use and open access make it an attractive target for supply chain attacks. Here's how Spectra Assure Community can help.
Gartner's CTEM advances vulnerability management
The Continuous Threat Exposure Management model represents an evolution from CVSS. Here’s what you need to know.
AI vulnerability reporting fails maintainers
Google and others are inundating developers with AI-driven reporting. Are AI-enabled fixes the answer?
MITRE ATT&CK v18: What’s in it — and why it matters
Learn what’s been added to the framework — and how you can use it to advance your threat detection and response.
New AI security tool lays out key exposures
Risk Rubric gives assessments for LLM transparency, security and more. But it's only one tool in your AI security toolbox.
Evaluating YARA Rules for macOS Malware Hunting
With this evolving malware domain, you need clear, specific, and accurate YARA rules. Here's how Spectra Analyze can help.
How PowerShell Gallery simplifies attacks
PowerShell Gallery’s Install-Module command presents one key link in the kill chain of a possible attack.
Why core security controls for vibe coding are critical
Vibe coding is not going away — and the threat is real. But are developer tools like VibeSec that shift controls left up to the job?
AI is ramping up coding velocity — and risk
AI is producing code up to four times faster — but with 10 times more AppSec lapses. Here’s what you need to know.
Tracking an evolving Discord-based RAT family
RL's analysis of an STD Group-operated RAT yielded file indicators to better detect the malware and two YARA rules.
Will npm's new security steps stop attacks?
While 2FA and trusted publishing help, you need visibility into how packages behave — not just who is publishing.
Triaging MalDocs with Spectra Analyze
Spectra Analyze’s network indicator analysis features yield insights that help analyze phishing lures like MalDocs.
How to secure AI in container workloads
AI container workloads are growing — but security is not native. That makes additional controls essential.
RL Malware Analysis and Threat Hunting Updates for Q3 2025
Spectra Detect v5.6, Spectra Analyze v9.6, and Spectra Intelligence represent the next era of security and integration.
MCP credential weakness raises red flags
More than half of Model Context Protocol servers were found to rely on static, long-lived credentials. With AI agents on the rise, that’s a problem.