by Paul Ducklin If you run a WordPress site with the Ultimate Members plugin installed, make sure you’ve updated it...

Threat actors are exploiting vulnerable secure shell protocol (SSH) servers to launch Docker services that take advantage of an emerging and lucrative attack vector...

There has always been a tradeoff in IT between shipping new features and functionality versus paying down technical debt, which includes things like reliability,...

Tanium, the industry’s only provider of converged endpoint management (XEM), today released major enhancements to the Tanium Software Bill of Materials (SBOM) that now...

BLACK HAT ASIA – Singapore – When you're in an environment where the overwhelming majority of network traffic is classified as posing a severe...

After months of inactivity, Earth Longzhi — a suspected subgroup of the notorious APT41 — is again attacking organizations across industry targets in Southeast...

Software is an important part of every business in 2023. And whether you are building it or deploying it, it's absolutely crucial you know...

by Paul Ducklin Logging software has made cyberinsecurity headlines many times before, notably in the case of the Apache Log4J...

Developers interested in gauging the security of the open source components have an abundant number of choices, but still have to choose to use...

AI is dominating headlines. ChatGPT, specifically, has become the topic du jour. Everyone is taken by the novelty, the distraction. But no one is addressing...

The security community is always pressured to jump to the next thing. So, it's easy to guess what will likely dominate conversations at the...

Across all industry sectors, open source software continues to pose a challenge for software security. We're all aware that vulnerabilities in commercial and open...