Application Security
Google this week announced OSV-Scanner, a free scanner that open source developers can use to receive vulnerability details relevant to their projects.The high number...
Hi, what are you looking for?
SecurityWeek
Cybersecurity Funding
Software supply chain security management startup Lineaje raises $7 million in a seed funding round led by Tenable Ventures.
Risk Management
The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...
Supply Chain Security
A new report found that 98% of organizations have a relationship with a third party that has been breached, while more than 50% have...
ICS/OT
The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...
Supply Chain Security
Chainguard OpenVEX Spec adds clarity to Supply Chain Vulnerability warnings specifications to help software vendors and maintainers communicate precise metadata about the vulnerability status...
Application Security
A new report finds that barely 1% of all SBOMs being generated today meets the “minimum elements” defined by the U.S. government.
Cybercrime
Phylum security researchers warn of a new software supply chain attack relying on typosquatting to target Python and JavaScript developers.
Endpoint Security
Mordechai Guri, a cybersecurity researcher from the Ben-Gurion University of the Negev in Israel who specializes in air gap jumping, has released a paper...
Malware & Threats
An Iran-linked advanced persistent threat (APT) actor named Agrius is using a new wiper in attacks targeting entities in South Africa, Israel and Hong...
Application Security
The U.S. government’s mandates around the creation and delivery of SBOMs (software bill of materials) to help mitigate supply chain attacks has run into...
Cloud Security
Researchers at firmware and hardware security company Eclypsium have identified several potentially serious vulnerabilities in baseboard management controller (BMC) firmware made by AMI (American...
Cloud Security
IBM recently patched a vulnerability in IBM Cloud Databases for PostgreSQL that could have exposed users to supply chain attacks.
Supply Chain Security
Developers have been warned that the popular Quarkus framework is affected by a critical vulnerability that could lead to remote code execution.Available since 2019,...
ICS/OT
Forescout Technologies has disclosed the details of three new vulnerabilities identified by its researchers in operational technology (OT) products from Festo and Codesys.
Mobile & Wireless
US authorities announced a ban Friday on the import or sale of communications equipment deemed "an unacceptable risk to national security" -- including gear...
Supply Chain Security
A cross-tenant vulnerability in Amazon Web Services (AWS) could have allowed attackers to abuse AWS AppSync to gain access to resources in an organization’s...
Cyberwarfare
Microsoft is warning organizations about the risks associated with the discontinued Boa web server after vulnerabilities affecting the software were apparently exploited by threat...
Cybercrime
North Korean hackers working for the government stole virtual assets last year estimated to be worth between $630 million and more than $1 billion, U.N. experts...
Cyberwarfare
Cybersecurity Funding
Vulnerabilities
