Attacks Grow in Sophistication, Targeting AI, Commercial Software, Crypto, and Open Source
RL has discovered a loophole on VS Code Marketplace that allows threat actors to reuse legitimate, removed package names for malicious purposes.
Learn More about Loophole allows threat actors to claim VS Code extension names
Developer Productivity Engineering provides a framework to boost code production and creativity — and can help to improve application security.
Learn More about How DPE can speed development — and boost your AppSec
Here are six lessons learned from the near-miss that was the Amazon Q Developer incident. Don't let luck be your security strategy.
Learn More about How AWS averted an AI coding supply chain disaster