software supply chain

Broken ARM: Mali Malware Pwns Phones
Richi Jennings | | android, ARM, CVE-2023-33200, CVE-2023-34970, CVE-2023-4211, GPU, hardware supply chain, Linux, Mali, open source software supply chain, SB Blogwatch, software supply chain, software supply chain risk, Software Supply Chain risks, software supply chain security, Software Supply Chain Security Risks
Exploited in the wild: Yet more use-after-free vulns in Arm’s Mali GPU driver ...
Security Boulevard

Patch EVERYTHING: Widely Used ‘WebP’ Code has Critical Bug
Richi Jennings | | Buffer Overflow, buffer overflow attack, Buffer Overflow Vulnerabilities, buffer overflows, Chrome, Chromium, edge, Electron, Exploitable Vulnerabilities, Firefox, google, Heap Overflow, libwebp, Open Source and Software Supply Chain Risks, open source software supply chain, open source software supply chain security, opera, SB Blogwatch, secure software supply chain, slack, software supply chain, software supply chain hygiene, software supply chain risk, Software Supply Chain risks, software supply chain security, Software Supply Chain Security Risks, thunderbird, WebP
WebP FAIL. Critical vuln in libwebp: Go get updates to Chrome, Firefox, Edge, Slack and more ...
Security Boulevard

Unlocking the power of generative AI in software development: Insights from Sonatype’s survey
Aaron Linskens | | DEVOPS, FEATURED, generative AI, News and Views, secops, software supply chain, survey data
Over the past year, generative artificial intelligence (AI) rapidly emerged as a game-changing technology, similar to the disruptive force of cloud computing in the 2000s. As often happens during the initial phases ...

What Can Happen If You Don’t Address Software Supply Chain Security Issues?
Esther Shein | | Application Security, DevSecOps, software supply chain, software supply chain security, Supply Chain Risk, Uncategorized, Vulnerabilities, Vulnerability Management
By now we know that software supply chain security issues are plentiful. And perhaps you’ve (wisely) decided that it’s a good idea to secure your software supply chain…you just haven’t gotten around ...

Products for Software Supply Chain Security
Esther Shein | | Application Security, DevSecOps, software supply chain, software supply chain security, Supply Chain Risk, Uncategorized, Vulnerability Management
As CISOs and CSOs craft or broaden their software supply chain security programs, they will be faced with an overwhelming number of tools in a variety of categories. Even with product consolidation, ...

Google Cloud Build Flaw Could Enable Supply Chain Attacks
Teri Robinson | | Application Security, Bad.Build, Cloud Security, google cloud, software supply chain
Bad actors could exploit a design flaw, called Bad.Build, in Google Cloud Build to escalate privileges and gain access to Google Artifact Registry code repositories ...
Security Boulevard

Getting started with the Secure Software Development Framework (SSDF)
Aaron Linskens | | Application Security, devops frameworks, DevSecOps journey, DevZone, News and Views, software supply chain
In today’s software-driven world, it’s crucial to ensure the security of software during development. Yet many software development life cycle (SDLC) models lack specific emphasis on software security, requiring the addition of ...

ChatGPT Provides Limited Help Identifying Malware
Current LLM-based tech like ChatGPT can accurately classify malware risk in only 5% of cases—and they may never be able to recognize novel approaches used to create malware ...
Security Boulevard

Security Teams Need to Address One of the Biggest Software Supply Chain Risks: Open Source
rezilion | | open source, open source risk, Open Source Security, open source vulnerabilities, rsa, software supply chain, software supply chain risk, Uncategorized
One of the biggest threats to software supply chain security is open source software applications and components. Many enterprises and small businesses have come to rely on open source solutions, and they ...

A Closer Look: Differentiating Software Vulnerabilities and Malware
Aaron Linskens | | DevZone, malware prevention, open source, software supply chain, Sonatype Lifecycle, Sonatype Repository Firewall, Vulnerabilities
In today’s interconnected digital world, vulnerabilities and malware in open source software pose significant threats to the security and integrity of your software supply chain. While these two terms may appear synonymous ...