Multiple npm packages published by the crypto exchange dYdX and used by at least 44 cryptocurrency projects appear to have been compromised. Powered by the Ethereum blockchain, dYdX is a...
Wolfi is a new community Linux undistribution that combines the best aspects of existing container base images with default security measures that will include software signatures...
Key members of the House and Senate are altering proposals for identifying systemically important critical infrastructure and securing the software supply chain. An important set of...
The Office of Management and Budget (OMB) has issued a memo requiring US federal government agencies to use software that has been built according to secure software...
Global organizations are increasingly at risk of ransomware compromise via their extensive supply chains. During May and June 2022 Sapio Research polled 2,958 IT decision-makers across 26 countries....
As cyber attackers increasingly look to capitalize on accelerating digitalization that has seen many enterprises significantly increase their reliance on cloud-based solutions and services as well...
The U.S. National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have released tips today on securing the software supply chain. This guidance...
Veracode released data revealing that the financial services industry ranks among the best for overall flaw percentage when compared to other industries, but has one of...
A phishing campaign caught yesterday was seen targeting maintainers of Python packages published to the PyPI registry. Python packages ‘exotel’ and ‘spam’ are among hundreds seen laced with...
PyPI, the official third-party software repository for Python packages, is warning about a phishing campaign targeting its users. “We have additionally determined that some maintainers of...