March 7, 2023
Here's what you need to know about app sec's addiction to vulnerabilities — and why application security needs to evolve to take on supply chain security.
February 23, 2023
The Circle CI breach and other recent hacks expose why the secrets problem is so prolific. Learn the why in this first post in our Secrets Revealed series.
February 9, 2023
Aabquerys is a malicious npm package discovered typosquatting on a legitimate npm module that downloads malicious components, ReversingLabs discovered.
February 7, 2023
A whole alphabet soup of agencies, offices and councils are springing up in D.C. and beyond. They’re trying to help us with software supply chain security.
January 31, 2023
Firing ‘the best of the best’ in open source does not bode well for software security. Will the last to leave please turn off the lights?
January 30, 2023
SBOMs could become Software Bills of Mediocrity. But not if we can agree on their value for software supply chain security. Chris Romeo explains.