Security

Latest from today

Attackers attempted hijacking 12,000 GitHub accounts with click-fix alerts

The fake alerts trick users into authorizing a malicious OAuth application capable of a full account takeover.

By Shweta Sharma

Mar 17, 20251 min

DeveloperSecurity

Supply chain compromise of Ultralytics AI library results in trojanized versions

By Lucian Constantin

Dec 09, 20241 min

Development Libraries and FrameworksPythonSecurity

Articles

Kazakhstan’s SOS 102: Redefining Public Safety Through Innovation

By IDC

Jan 23, 2025 4 mins

Security

A GRC framework for securing generative AI

How can enterprises secure and manage the expanding ecosystem of AI applications that touch sensitive business data? Start with a governance framework.

By Trevor Welsh

Nov 19, 2024 11 mins

Application SecurityData GovernanceGenerative AI

Java proposals would boost resistance to quantum computing attacks

OpenJDK proposals would provide Java implementations of a quantum-resistant module-latticed-based digital signature algorithm and key encapsulation mechanism.

By Paul Krill

Nov 08, 2024 2 mins

Application SecurityData and Information SecurityJava

‘Package confusion’ attack against NPM used to trick developers into downloading malware

Attackers gunning for supply chains again, deploying innovative blockchain technique to hide command & control.

By John E. Dunn

Nov 06, 2024 4 mins

Open SourceSecurityVulnerabilities

What Entrust certificate distrust means for developers

Secure communications between web browsers and web servers depend on digital certificates backed by certificate authorities. What if the web browsers stop trusting your CA?

By Travis Van

Oct 30, 2024 9 mins

Application SecurityBrowser SecurityWeb Development

Why are we still confused about cloud security?

We’re building too much complexity and are ill-trained to secure it. The result will be breach after breach, while enterprises wonder what happened. Get a clue now.

By David Linthicum

Oct 15, 2024 5 mins

Cloud SecurityIdentity and Access ManagementSecurity Infrastructure

Open source package entry points could be used for command jacking

Threat actors could use these supply chain attacks to compromise applications, says Checkmarx.

By Howard Solomon

Oct 14, 2024 1 min

Open SourceSecurityVulnerabilities

Why cloud security outranks cost and scalability

Too many businesses believe that adequate security is too expensive. Here are some ways to keep costs manageable.

By David Linthicum

Oct 04, 2024 5 mins

APIsCloud SecurityMicroservices

Understanding VBS Enclaves, Windows’ new security technology

Microsoft is protecting Recall’s vector indexes in trusted execution environments. It adds a bit of computational overhead, but is a must for data security.

By Simon Bisson

Oct 03, 2024 8 mins

ContainersData and Information SecurityWindows Security

Java 23 highlights crypto performance and security

Security-related enhancements include crypto performance updates, new debugging options, and additions to Kerberos and PKI.

By Paul Krill

Sep 24, 2024 3 mins

JavaProgramming LanguagesSecurity

Security takes a front seat

Threats that have always existed but are now amped up by generative AI are making enterprise leadership take notice and open the purse strings.

By Matt Asay

Aug 19, 2024 4 mins

Application SecurityCloud SecurityTechnology Industry

Red-teaming AI with PyRIT

Microsoft has open sourced a key piece of its AI security, offering a toolkit that links data sets to targets and scores results, in the cloud or with small language models.

By Simon Bisson

Aug 15, 2024 7 mins

Application SecurityGenerative AIMicrosoft Azure