Application Security
GitHub this week made secret scanning generally available and free for all public repositories.
Hi, what are you looking for?
SecurityWeek
Application Security
Threat actors have been using stolen GitHub personal access tokens to push malicious code posing as Dependabot contributions.
Application Security
Google has released the source code of BinDiff, a binary file comparison tool popular within the security research community, on GitHub.
Application Security
The cash-and-stock transaction provides capabilities for CrowdStrike to beef up its enterprise cloud security portfolio.
Application Security
CISA details its plan to support the open source software ecosystem and secure the use of open source software within the federal government.
Application Security
Israeli security startup Zenity banks $16.5 million in new venture capital funding to work on ‘low-code/no-code’ security technology.
Application Security
Truffle Security has discovered thousands of popular websites leaking their secrets, including .git directories and AWS and GitHub keys.
Application Security
While there are many routes to application security, bundles that allow security teams to quickly and easily secure applications and affect security posture in...
Application Security
GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.
Application Security
PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.
Application Security
Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.
Application Security
A new report finds that barely 1% of all SBOMs being generated today meets the “minimum elements” defined by the U.S. government.
Application Security
A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.
Application Security
Many developers and security people admit to having experienced a breach effected through compromised API credentials.
Application Security
Vendors and agencies are bypassing a security patch that Adobe released in February 2022 to address CVE-2022-24086.
Application Security
Canadian liquor distributor Liquor Control Board of Ontario said a web skimmer injected into its online store was used to steal data.
Application Security
Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...
Application Security
Hack The Box Raises $55 Million in Funding Round Led by Carlyle
Endpoint Security
GPUs from AMD, Apple, Arm, Intel, Nvidia and Qualcomm are vulnerable to a new type of side-channel attack named GPU.zip.
Funding/M&A
Malware & Threats
The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...
Cloud Security
Vulnerabilities
Vulnerabilities
