March 30, 2023
This week: GitHub is issued a subpoena by Twitter over leaked source code. Also: 3CX software supply chain attack leaves millions at risk.
March 16, 2023
A Russian-speaking threat actor has breached several European organizations. Also: AI-created videos on YouTube are spreading infostealer malware.
March 9, 2023
The Week in Security: Lazarus attacks same South Korean entity twice, use of hard-coded secrets is up
North Korean-linked hacking group Lazarus attacked the same South Korean financial entity twice in 2022. Also: The number of hard-coded secrets is way up.
March 2, 2023
The Week in Security: LastPass shares disturbing breach details, CISA calls for software maker liability
New details expose that the recent hack on LastPass was worse than previously thought. Also: CISA has called for for software makers who develop insecure software to be held liable.
February 23, 2023
A misconfiguration likely caused a U.S. government server to leak sensitive military emails, and a massive phishing spam campaign has taken over npm.
February 16, 2023
The Week in Security: Russian hackers targeted U.S. gas and electric, malicious PyPI packages show prowess
This week: Russian-linked PIPEDREAM malware targeted critical infrastructure. Also: 400 malicious packages found on PyPI demonstrates attacker prowess.
January 26, 2023
The Week in Security: After breach, 'unusual activity' detected in GoTo and LastPass dev environments
This week: GoTo says its 2022 breach was worse than reported, also affecting LastPass. Also: A hacktivist finds FBI No Fly list on an unsecured server.
January 9, 2023
The collaboration between SOCs and software development teams is essential for ensuring your organization's software security. Here's why.
January 5, 2023
The tail-end of 2022 was plagued by ransomware attacks on critical infrastructure. Also, we break down the PyTorch software supply chain attack.
December 15, 2022
This week: Twelve malware wipers have been discovered in 2022. Also: The Cuba ransomware gang abused Microsoft certificates to sign malware.
December 13, 2022
Organizations need to look beyond traditional approaches for protecting their data in the cloud. Here's how deep scanning's modern approach reduces risk.
November 17, 2022
This week: software security and international relations collide as one tech company falsely brands itself as a U.S. software supplier. Also: a Canadian supermarket chain has been hit with a ransomware attack.