As more organizations shift to cloud-native application development to support new business features and digital transformation initiatives, software supply chain issues have become more...
Many vulnerabilities that ransomware operators used in 2022 attacks were years old and paved the way for the attackers to establish persistence and move...
As we pass the first anniversary of the Log4j vulnerability disclosure, it's a timely reminder that when a vulnerability is serious, it deserves our...
The security industry collectively loses its mind when new vulnerabilities are discovered in software. OpenSSL is no exception, and two new vulnerabilities overwhelmed news...
YOKOHAMA, Japan, Dec. 5, 2022 — The Open Source Security Foundation
(OpenSSF), a cross-industry organization hosted at the Linux Foundation that brings together the world’s...
The Log4j vulnerability continues to present a major threat to enterprise organizations one year after the Apache Software Foundation disclosed it last November —...
An unpatched VMware Horizon server allowed an Iranian government-sponsored APT group to use the Log4Shell vulnerability to not only breach the US Federal Civilian Executive Branch...