The overlooked changes that two Trump executive orders could bring to cybersecurity
Good, bad, puzzling — a March order and June order could have bigger ripples than realized when the president signed them.
Advertisement
open source
AsyncRAT seeds family of more than 30 remote access trojans
ESET researchers observed tens of thousands of machines infected with AsyncRAT and its variants over the past year. The open-source malware is a popular tool among cybercriminals.
Unverified code is the next national security threat
Congress and federal agencies can take some simple steps to better protect open-source software.
String of defects in popular Kubernetes component puts 40% of cloud environments at risk
Researchers aren’t aware of active exploitation in the wild, but they warn the risk for publicly exposed and unpatched Ingress Nginx controllers is extremely high.
Researchers raise alarm about critical Next.js vulnerability
The software defect in the widely used open-source JavaScript framework allows attackers to bypass middleware-based authorization.
Chainguard’s FIPS-compliant Cassandra addresses security demand of federal and regulated markets
The new offering paves the way for orgs to use the widely popular open-source software with their highly sensitive data.
Advertisement
Projecting the next decade of software supply chain security
A 2035 vision includes a shift that combines security and innovation.
Here’s all the ways an abandoned cloud instance can cause security issues
Research released Tuesday by watchTowr shows how easy an old storage bucket can be repurposed by malicious attackers.
Open-source security spat leads companies to join forces for new tool
A company’s licensing change to a static analysis tool has forced 10 companies together to create Opengrep.
Attackers are hijacking Jupyter notebooks to host illegal Champions League streams
Normally reserved for data analysis, a cybersecurity firm caught online content pirates hosting soccer matches.