Application Security
Source Defense, a provider of web application client-side protection, says it pocketed $27 million in Series B funding, bringing the total investment raised by...
Hi, what are you looking for?
SecurityWeek
Malware & Threats
A threat actor published backdoored versions of 17 NPM packages from GlueStack in a fresh supply chain attack.
Malware & Threats
Security firm Socket warns flags a campaign targeting NPM users with tens of malicious packages that can hijack system information.
Nation-State
The China-linked hacking group Earth Ammit has launched multi-wave attacks in Taiwan and South Korea to disrupt the drone sector.
Cyberwarfare
As Xi Jinping advances his vision for China’s dominance by 2049, cybersecurity experts warn that connected technologies—like EV batteries—may quietly serve as tools of...
Cybersecurity Funding
Geneva-based code quality company is cashing in on heightened investor interest in the software supply chain security space
Cybersecurity Funding
Fortress Information Security on Tuesday announced raising $125 million from Goldman Sachs, an investment that it plans on using to help critical industry operators...
Application Security
Google has teamed up with GitHub for a solution that should help prevent software supply chain attacks such as the ones that affected SolarWinds...
Audits
Threat hunters at Checkmarx on Monday raised an alarm after discovering a threat actor fully automating the creation and delivery of "hundreds of malicious...
Supply Chain Security
Application Security
A cybersecurity startup is warning of a major, unattended weak link in the software supply chain: the vexing problem of valuable corporate secrets --...
Application Security
Software supply chain security fears escalated again this week with the discovery of what’s being described as "deliberate sabotage" of code in the open-source...
Supply Chain Security
Application Security
A team of Israeli entrepreneurs with roots in the application security ecosystem is taking a stab at software supply chain security with big backing...
Supply Chain Security
Microsoft and Google are throwing their weight behind a new Linux Foundation OpenSSF initiative to address major security gaps in the open-source software ecosystem.
Cybersecurity Funding
A series of vulnerabilities in 42Gears’ SureMDM device management products could have resulted in a supply chain compromise against any organization using the platform.
Application Security
Scribe Security, an Israeli startup seeking to protect the software supply chain, has raised $7 million in seed funding.The investment round was led by...
Supply Chain Security
2021 can be described as the year of the software supply chain attack – the year in which SolarWinds opened the world’s eyes, and...
Risk Management
Supply Chain Security
A critical vulnerability addressed recently in SAP NetWeaver AS ABAP and ABAP Platform could be abused to set up supply chain attacks, SAP security...
Application Security
A group for ex-Google software engineers has raised $5 million in seed funding for Chainguard, an early-stage startup tackling vexing problems associated with software...
Application Security
Fears of software supply chain attacks escalated again this week with a new warning from Microsoft that it has caught Iranian threat actors breaking...
Application Security
A highly-critical vulnerability in a popular open-source CI/CD solution can be exploited to hijack sensitive secrets for downstream supply chain attacks, according to a...
Application Security
The North Korea-linked state-sponsored hacking group Lazarus has started to target the IT supply chain in recent attacks, according to cybersecurity firm Kaspersky.
Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.
RegisterLearn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.
RegisterExpert Insights
A strong AI deployment starts with asking the right questions, mapping your risks, and thinking like an adversary — before it’s too late.
(Matt Honea)
It’s time for enterprises to stop treating unmanaged devices as an edge case and start securing them as part of a unified Zero Trust strategy.
(Etay Maor)
Many security professionals feel pressured to pursue leadership roles, but success can also mean going deeper, not just higher.
(Joshua Goldfarb)
AI is transforming the cybersecurity landscape—empowering attackers with powerful new tools while offering defenders a chance to fight back. But without stronger awareness and strategy, organizations risk falling behind.
(Trevin Edgeworth)
Agentic AI can be a great tool for many of the ‘gray area’ tasks that SOC analysts undertake.
(Marc Solomon)