
Software Supply Chain Attackers Targeting Banks, Checkmarx Says

Two banks earlier this year were the targets of open source supply chain attacks, the first of their kind in the industry ...
Security Boulevard
Cyber Resilience Act: The Future of Software in the European Union

Representatives of member states of the European Union (EU) reached a common agreement yesterday regarding the proposed Cyber Resilience Act (CRA) ...

Open Source Security Incidents and How Organizations Can Respond

Attacks that leverage vulnerabilities in open source software are on the rise. How security teams respond to these incidents is key to what impact they will ultimately have. Oftentimes the attacks stemming ...

Security Teams Need to Address One of the Biggest Software Supply Chain Risks: Open Source

One of the biggest threats to software supply chain security is open source software applications and components. Many enterprises and small businesses have come to rely on open source solutions, and they ...

Answering Your Goldilocks Questions About How HPA and VPA Work Together

Kubernetes, the open source platform for managing containerized workloads, provides you with a framework for automating software deployment, scaling, and management. Let’s dig into the scaling part of that — K8s supports ...

A Closer Look: Differentiating Software Vulnerabilities and Malware

In today’s interconnected digital world, vulnerabilities and malware in open source software pose significant threats to the security and integrity of your software supply chain. While these two terms may appear synonymous ...

npm Manifest Confusion – What Is It and Do You Really Need to Worry About It?

Yesterday, Darcy Clarke, a software developer and a former npm CLI team Engineering Manager, steered everyone’s attention towards a gap in the npm registry website – what he calls “manifest confusion.” ...
Chart: compares three of the most popular LLM-based projects (Auto-GPT, Langchain, and GPT-Engineer) with three other non-GPT related projects from the OpenSSF critical open-source projects list (TensorFlow, Node.js, and Flutter).

Report: The Risk of Generative AI and Large Language Models

Generative AI has reshaped the digital content landscape, with Large Language Models (LLMs) like GPT pushing the boundaries of what machines can create. However, as this technology rapidly enters the market, are ...

Rezilion Report Finds World’s Most Popular Generative AI Projects Present High Security Risk

NEW YORK, June 28, 2023 – Rezilion, an automated software supply chain security platform, today announced a new report, “Expl[AI]ning the Risk: Exploring the Large Language Models (LLM) Open-Source Security Landscape,” finding ...

Announcing Gato Version 1.5!

On January 21, 2023 at ShmooCon 2023, Praetorian open-sourced Gato (Github Attack Toolkit), a first of its kind tool that focuses on abusing offensive TTPs targeting self-hosted GitHub Actions Runners. Since then, ...