Threat Research | Go below the surface on tampering: The trouble with software integrity validation | Karlo Zanki | The growing number of software supply chain attacks is putting pressure on validation of software integrity.
Threat Research | NPM coinminer: What you see is not always what you get | Karlo Zanki | Source code analysis is always useful. It helps you detect threats early in the dev process. But it shouldn’t be the...
Threat Research | Beware: Overpowered plug-ins like PyPI can burn it all down | Karlo Zanki | Here's why your software development team needs to think twice before using a powerful third-party plug-in.
Threat Research | It’s not a secret if you publish it on PyPI | Karlo Zanki | Python packages can contain sensitive information. Here's how software development teams can keep secrets secret.
Threat Research | Groundhog day: NPM package caught stealing browser passwords | Karlo Zanki | Today almost everyone knows that they need to protect their publicly exposed services and applications against the...
Threat Research | Third-party code comes with some baggage | Karlo Zanki | Recognize risks introduced by statically linked third-party libraries.