Security News and Research

In episode 2 of the ‘Building Security In – The Next Decade’ podcast, we discuss the impact and future of AI, machine learning and software security ...

In this first episode of Synopsys’ new podcast series, ‘Building Security In – The Next Generation’, we cover the current state of DevOps.  ...

Synopsys Cybersecurity Research Center has discovered a local privilege escalation vulnerability in Apple iTunes on Microsoft Windows.  Overview The Synopsys Cybersecurity Research Center (CyRC) has discovered CVE-2023-32353, a local privilege escalation vulnerability ...

Synopsys named a winner in the Application Security Organization category for a 2023 Fortress Cyber Security Award ...

Agreement between Synopsys and ReversingLabs delivers comprehensive software supply chain risk management solution.  Addressing the supply chain challenge In recent years, DevOps has changed the way software is released into production. This ...

CVE-2023-25828 vulnerability; history, mitigation analysis, and everything you need to know about the remote code execution (RCE) vulnerability in Pluck CMS.  Summary CVE-2023-25828, tracked in the Black Duck KnowledgeBase™ as BDSA-2023-0370, is an ...

Denise Ahrens, Andrea Jaime, Annia Rodriguez of Synopsys Software Integrity Group named to CRN’s 2023 Women of the Channel Awards list ...

Synopsys Cybersecurity Research Center discovers new RCE vulnerability and cross-site scripting vulnerability in OpenTSDB. Overview The Synopsys Cybersecurity Research Center (CyRC) has discovered a remote command execution vulnerability (CVE-2023-25826), and a reflected ...

CISA’s draft self-attestation form, published today, is a step in the right direction in demystifying EO 14028 compliance ...

Yes, AI chatbots can write code very fast, but you still need human oversight and security testing in your AppSec program ...