Tag: Programming
-
Beware of Typos That May Lead to Malicious PyPI Package Installation
The notorious Lazarus group, known for its cyber espionage and sabotage activities, has been implicated in the release of malicious …
-
North Korean Hackers Targeting Developers with Malicious npm Packages
A set of fake npm packages discovered on the Node.js repository has been found to share ties with North Korean state-sponsored actors, new …
-
Identify Java nested dependencies with Amazon Inspector SBOM Generator
Amazon Inspector is an automated vulnerability management service that continually scans Amazon Web Services (AWS) workloads for software …
-
Why Bloat Is Still Software’s Biggest Vulnerability
This post is dedicated to the memory of Niklaus Wirth, a computing pioneer who passed away 1 January 2024. In 1995 he wrote an influential …
-
Rust can help make software secure – but it’s no cure-all
Memory-safety flaws represent the majority of high-severity problems for Google and Microsoft, but they’re not necessarily associated with …
-
Rust Payloads Exploiting Ivanti Zero-Days Linked to Sophisticated Sliver Toolkit
Payloads recently found on compromised Ivanti Connect Secure appliances could be from the same, sophisticated threat actor, according to …
-
Crypto Stealing PyPI Malware Hits Both Windows and Linux Users
FortiGuard Labs’ latest research report reveals a concerning trend: threat actors are leveraging the Python Package Index (PyPI), an open …
-
MavenGate Supply Chain Attack Let Attackers Hijack Java & Android Apps
Hackers use supply chain attacks to breach a target by gaining access to and taking advantage of weaknesses in the vendor, partner, or …
-
Android, Java apps susceptible to novel MavenGate software supply chain attack technique
Numerous Android and Java apps leveraging abandoned open-source libraries, including all technologies based on Apache Maven, could be …
-
API Security Best Practices: Safeguarding Your Digital Assets
1. Introduction: Application Programming Interfaces (APIs) are crucial in modern software development, enabling seamless communication and …
-
How Golang Manages Its Security Supply Chain
The success of open source software also brings new security concerns. That was one of the most interesting takeaways from a recent keynote …
-
What Are the Security Implications of AI Coding?
AI coding is here, and it’s transforming the way we create software. The use of AI in coding is actively revolutionizing the industry and …