Welcome to CISO Corner, Dark Reading's weekly digest of articles tailored specifically to security operations readers and security leaders. Every week, we'll offer articles...
Things to know: – December 14th, 2023, Ledger experienced an exploit on Ledger Connect Kit, a JavaScript library to connect Web sites to wallets. – The...
COMMENTARY: After Log4j, software supply chains are under more scrutiny for security issues. The US government mandated software bills of materials (SBOMs) for federal software...
PRESS RELEASE: Orlando, FL, December 11, 2023 – Fortress Information Security (Fortress) and CodeSecure today announced a partnership to offer new capabilities to map open-source software components and find...
PRESS RELEASE: SAN FRANCISCO, Dec. 06, 2023 (GLOBE NEWSWIRE) -- Cycode, the leader in Application Security Posture Management (ASPM), today announced the inaugural State of ASPM 2024...
Two North Korean state-backed threat groups, whom Microsoft is tracking as Diamond Sleet and Onyx Sleet, are actively exploiting CVE-2023-42793, a critical remote code...
Endor Labs, creator of the Code and Pipeline Governance Platform, today announced $70 million in oversubscribed Series A financing from Lightspeed Venture Partners (LSVP), Coatue, Dell Technologies Capital, Section...
Developers are increasingly adopting security testing as part of the development pipeline, but companies still have room for improvement, with a minority of companies...
NEW YORK, July 26, 2023 /PRNewswire/ -- Rezilion, an automated software supply chain security platform, today announced a new report, "CVSS, EPSS, KEV: The New Acronyms -...
There has always been a tradeoff in IT between shipping new features and functionality versus paying down technical debt, which includes things like reliability,...
The official open source code repository for the Python programming language, the Python Package Index (PyPI), will require all user accounts to enable two-factor...