August 29, 2022
After a recent discovery of malicious PyPI packages, questions remain about the security community’s ability to mitigate threats posed to open source repositories.
July 12, 2022
ReversingLabs researchers uncovered a campaign to install malicious NPM modules harvesting sensitive data from forms embedded in mobile apps and websites.
June 2, 2022
The growing number of software supply chain attacks is putting pressure on validation of software integrity.
June 1, 2022
Source code analysis is always useful. It helps you detect threats early in the dev process. But it shouldn’t be the only tool in your security arsenal.
June 1, 2022
Here's why your software development team needs to think twice before using a powerful third-party plug-in.
June 1, 2022
Python packages can contain sensitive information. Here's how software development teams can keep secrets secret.