A major expansion of the self-propagating Shai-Hulud cyberattack aimed at popular node package managers (npms) used by JavaScript application developers is creating a major headache for DevSecOps teams around the globe. Based on what is being described as the “Second Coming” of Shai-Hulud, this version affects a much wider range of npms and is much […]
Anthropic Launches Claude Sonnet 4.5: Built for Production Coding and Extended Autonomous Work
Anthropic’s Claude Sonnet 4.5 sets a new bar for coding, agentic tasks, and computer use, with 30+ hours of autonomous operation. Early adopters report major gains in accuracy, security, and long-horizon development. With new tools and SDKs, Sonnet 4.5 marks the shift from AI as assistant to AI as a true engineering teammate.
Zero-Trust, Full Stack: Embedding Cybersecurity Principles Into Site Reliability Engineering Culture
These days, with digital threats everywhere, cybersecurity must evolve beyond just being a perimeter measure. Given the rapid delivery of software and the transient nature of infrastructure, security must be built into DevOps. This shift presents both a challenge and an opportunity for site reliability engineers (SREs) to apply zero-trust principles everywhere, starting with infrastructure […]
Bad Actor Targets Linux, macOS Developers with Typosquatted Go Packages
The attacker published at least seven malicious packages on the Go Module Mirror that, if installed, will deliver a backdoor.
Navigating the Next Wave of Cybersecurity Legislation With a Supercharged Security Culture
CISOs at the forefront of implementing developer-driven security programs choose upskilling solutions that allow for precision measurement, in addition to customization that is reflective of scenarios they are most likely to encounter in the course of their work.
DryRun Security Defines Application Security Policies Using Natural Language
DryRun Security today added an ability to use natural language to define and enforce application security policies as application developers build software.
CISA Pushes Steps to Better Secure Software and Product Designs
The country’s top cybersecurity agency is urging developers to take steps to ensure the software they’re building and the products they roll out are secure and protect end users. The Cybersecurity and Infrastructure Security Agency (CISA) this week rolled out a series of recommendations that it wants businesses and critical infrastructure organizations to adopt to […]
Automating Web Application Security Testing to Combat Cyber Threats
Despite the hundreds of exposed web applications and APIs in our attack surfaces, many assets remain dangerously untested and vulnerable to cyberattacks.
The Software Extinction Event That Wasn’t
The world may have just avoided a cybersecurity disaster, with potential impact of CrowdStrike x1000. Imagine if the world’s most pervasive programming language, used in the majority of organizations, services, websites and infrastructure today, was itself made to be malicious? Cybersecurity researchers from JFrog recently discovered a GitHub Personal Access Token in a public Docker […]
The Risks of the Cloud Oligopoly
The cloud oligopoly, insofar as it stifles competition, represents a potentially overlooked area in which businesses must assess their supply chain commitments.
- « Previous Page
- 1
- 2
- 3
- 4
- …
- 10
- Next Page »