Malware in PyPI Code Shows Supply Chain Risks
A code backdoor in a package on the Python Package Index demonstrates the importance of verifying code brought in from code repositories. The pace of…

What is DevSecOps? Why it’s hard to do well
DevSecOps definition: DevSecOps is a culture shift in the software industry that aims to bake security into the rapid-release cycles that are typical of modern…

Target Sues Insurer Over Data Breach Costs
Target is suing its insurer for costs of up to $74M that were incurred as a result of a data breach. America’s eighth-largest retailer claims…

SQL Injection Errors No Longer the Top Software Security Issue
SQL injection errors are no longer considered the most severe or prevalent software security issue. Replacing it at the top of the Common Weakness Enumeration…

Chrome, Edge, Safari hacked at elite Chinese hacking contest
China’s top hackers have gathered this weekend in the city of Chengdu to compete in the Tianfu Cup, the country’s top hacking competition. Over the…

What is a zero-day vulnerability?
Chances are pretty good you’ve heard the term zero-day vulnerability. The term conjures up images of post-apocalyptic landscapes, where technology has either hit a singularity-level…