Selective NVD enrichment: Why it matters
AI vulnerability reporting is overwhelming teams — and NIST. But for AppSec, scaling back analysis is cause for alarm.
Featured
Selective NVD enrichment: Why it matters
Spectra Analyze in Action: Retrohunting Bots
Learn how to use ReversingLabs’ Spectra Analyze to expand your detection of malicious Telegram C2 bots.
How Mythos changes the AppSec calculus
Here are the facts on Claude Mythos — and why a layered application security framework is essential.
Latest
Selective NVD enrichment: Why it matters
AI vulnerability reporting is overwhelming teams — and NIST. But for AppSec, scaling back analysis is cause for alarm.
Spectra Analyze in Action: Retrohunting Bots
Learn how to use ReversingLabs’ Spectra Analyze to expand your detection of malicious Telegram C2 bots.
How Mythos changes the AppSec calculus
Here are the facts on Claude Mythos — and why a layered application security framework is essential.
Copy Fail Flaw: 5 YARA Rules for Detection
Here’s what you need to know about the Linux kernel privilege escalation — and how to use YARA rules to get on top of it.
How agentic AI flips the trust model
As AppSec shifts focus from the components to data, your strategy needs updating. Are you on top of your trust debt?
Claude adds malware to crypto agent
PromptMink has evolved into a malicious dependency in a package that allows access to crypto wallets and funds.
MCP rug-pull attack worries mount
This new class of AI tool supply chain attack highlights how trust of agents can be exploited.
Can AppSec keep pace with AI coding?
AI lets software teams generate code at a rate faster than security can validate it. One way to win the race: more AI.
LLMmap puts its finger on ML attacks
Researchers show how LLM fingerprinting can be used to automate generation of customized attacks.
QR Code Phishing Evolves: How to Keep Up
Here's what you need to know about the rise of quishing — and how your threat hunting team can get out in front of it.
Vibeware: More than bad vibes for AppSec
Threat actors are leveraging the freewheeling vibe-coding trend to deliver malicious software at scale.
The CRA is coming: Are you ready?
Here's how the EU's Cyber Resilience Act will reshape the software industry — and how that accelerates advantages.
Why RL Built Spectra Assure Community
We set out to help dev and AppSec teams secure the village: OSS dependencies, malware, more. Learn how.
Graphalgo fake recruiter campaign returns
An attack targeting crypto developers has been respawned — with an LLC and new techniques.
Claude Mythos: Get your AppSec game on
Anthropic's new AI is a 'step change' for exposing software flaws — but also ramps up exploits. Are you ready?