July 7, 2021

Third-party code comes with some baggage

Recognize risks introduced by statically linked third-party libraries.

May 7, 2021

It only takes one line of code to ruin your day

Much like SolarWinds before it, this incident shows we need to take a more critical look at the software we are using and trusting to be good.

December 16, 2020

SunBurst: The next level of stealth

SolarWinds compromise exploited through sophistication and patience

April 16, 2020

Mining for malicious Ruby gems

Typosquatting barrage on RubyGems software repository users

July 17, 2019

SupPy Chain Malware: Detecting malware in package manager repositories

Malicious actors are constantly on the lookout for new attack vectors and techniques, using them to infiltrate even the most secure of organizations

March 27, 2019

Forging the ShadowHammer: Inside the ASUS Live Update software supply chain attack

Operation ShadowHammer is a new and highly targeted supply chain attack discovered by Kaspersky Lab