Application Security Stolen GitHub Credentials Used to Push Fake Dependabot Commits Threat actors have been using stolen GitHub personal access tokens to push malicious code posing as Dependabot contributions. Ionut ArghireSeptember 27, 2023
Application Security Google Open Sources Binary File Comparison Tool BinDiff Google has released the source code of BinDiff, a binary file comparison tool popular within the security research community, on GitHub. Ionut ArghireSeptember 27, 2023
Application Security CrowdStrike to Acquire Application Intelligence Startup Bionic The cash-and-stock transaction provides capabilities for CrowdStrike to beef up its enterprise cloud security portfolio. Ryan NaraineSeptember 19, 2023
Application Security CISA Releases Open Source Software Security Roadmap CISA details its plan to support the open source software ecosystem and secure the use of open source software within the federal government. Ionut ArghireSeptember 13, 2023
Application Security Intel Capital Bets on Zenity for Low-Code/No-Code Security Israeli security startup Zenity banks $16.5 million in new venture capital funding to work on ‘low-code/no-code’ security technology. Ryan NaraineSeptember 12, 2023
Application Security Thousands of Popular Websites Leaking Secrets Truffle Security has discovered thousands of popular websites leaking their secrets, including .git directories and AWS and GitHub keys. Ionut ArghireSeptember 6, 2023
Application Security GitHub Enterprise Server Gets New Security Capabilities GitHub Enterprise Server 3.10 released with additional security capabilities, including support for custom deployment rules. Ionut ArghireAugust 30, 2023
Application Security Signs of Malware Attack Targeting Rust Developers Found on Crates.io The Crates.io Rust package registry was targeted in preparation of a malware attack aimed at developers, according to Phylum. Eduard KovacsAugust 28, 2023
Application Security Google Brings AI Magic to Fuzz Testing With Eye-Opening Results Google sprinkles magic of generative-AI into its open source fuzz testing infrastructure and finds immediate success with code coverage. Ryan NaraineAugust 17, 2023
Application Security Patch Tuesday: Adobe Patches 30 Acrobat, Reader Vulns Adobe rolls out a big batch of security updates to fix at least 30 Acrobat and Reader vulnerabilities affecting Windows and macOS users. Ryan NaraineAugust 8, 2023
Application Security Apple Lists APIs That Developers Can Only Use for Good Reason To boost user privacy, Apple is requiring app developers to declare a reason to use specific APIs. Ionut ArghireJuly 31, 2023
Application Security The Good, the Bad and the Ugly of Generative AI Thinking through the good, the bad, and the ugly now is a process that affords us “the negative focus to survive, but a positive... Marc SolomonJuly 27, 2023