Blog | ReversingLabs | Secure Software Blogwatch

Secure Software Blogwatch

August 15, 2023

AI coding helpers get FAILing grade

Purdue researchers expose generative AI tools like Copilot's frequent errors when asked basic development questions. Only fools rush in.

August 8, 2023

Listen up, devs: AI trained to overhear passwords

Deep learning model knows what keys you press — “with 95% accuracy.” The password's days are numbered.

July 25, 2023

No net for some, no root for devs — Google pilot walls off staff internet, access for ‘safety’

It’s an optional trial program (for now). How would your dev team cope? Is this the future of zero trust?

July 18, 2023

JumpCloud 'nation state’ phishing attack spotlights third-party risk management

The big-fish IAMaaS cloud identity service provider opens its kimono. What can you learn from the exposure?

July 11, 2023

EU-US data transfers back in hotseat: Security of user data adds to privacy concerns

Privacy of user data is one thing, but security of that data is equally important.

July 5, 2023

Here’s MITRE’s top-25 CWE list — with your old vulnerability category favorites

C’mon, dev teams — it's about time to get serious about memory safety, XSS and SQLi.

June 27, 2023

Hackers breached UPS data for SMS phish spree

It’s a dog-eat-dog world ... Bug allows bad actor to manipulate URLs and extract data. Note to devs: Avoid consecutive object references and add entropy.

June 21, 2023

Passkeys standard: Time to add it to your dev plans?

Forward-thinking DevOps shops are doing it already. Isn’t it time your team got on board?

June 13, 2023

MOVEit software exploit walks before it runs

Cl0p quietly tested the flaw for two years before launching the full exploit. Lesson: Look both ways before crossing.

June 6, 2023

PyPI hackers code sneaky new tactic. Researchers caught 'em red handed

Compiled-code behavior analysis beats old-skool app sec tools.

May 31, 2023

‘Extinction risk’: Could code-writing AI wipe out humans via software backdoors?

Experts warn ChatGPT-based coding could do to us what an asteroid did to the dinosaurs. Hype — or heads-up to reckon with?

May 23, 2023

PyPI paused as automated attack overwhelms admins

Python Package Index was flooded with malicious typo-squatting packages. Weekend warriors quit defense and hit the pause button.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Partners

Alliances

Resources

Company

Events

Press

Secure Software Blogwatch

AI coding helpers get FAILing grade

Listen up, devs: AI trained to overhear passwords

No net for some, no root for devs — Google pilot walls off staff internet, access for ‘safety’

JumpCloud 'nation state’ phishing attack spotlights third-party risk management

EU-US data transfers back in hotseat: Security of user data adds to privacy concerns

Here’s MITRE’s top-25 CWE list — with your old vulnerability category favorites

Hackers breached UPS data for SMS phish spree

Passkeys standard: Time to add it to your dev plans?

MOVEit software exploit walks before it runs

PyPI hackers code sneaky new tactic. Researchers caught 'em red handed

‘Extinction risk’: Could code-writing AI wipe out humans via software backdoors?

PyPI paused as automated attack overwhelms admins

Topics

Special Reports

The State of Software Supply Chain Security 2024

Upcoming Webinars

ConversingLabs

Secure Software Blogwatch

Topics

Follow us

Subscribe

Special Reports