vulnerabilities

vulnerabilities news search results

Developer news items we found relating to vulnerabilities

35 results
Vulnerabilities-in-Apple-products-alert

Vulnerabilities in Apple products alert


Monday, September 30, 2024 by

CERT-In has recently issued Advisory CIAD-2024-0046, highlighting multiple high-severity vulnerabilities in Apple products. The vulnerabilities affect a wide range of Apple software, including iOS versions prior to 18, iPadOS versions prior to 18, macOS Sonoma versions prior to 14.7, macOS Ventura versions prior to 13.7, and the upcoming macOS Sequoia versions prior to ...


AI-regulations-in-software-development

AI regulations in software development


Tuesday, August 27, 2024 by

AI is rapidly changing the software development field, making clear regulations essential to prevent risks like data breaches and ensure ethical practices. These regulations are also key to reshaping developer roles while preserving the need for human expertise. AI regulations in software development The implementation of formal AI policies within companies is cri...


DevOps-threats-report-released-from-GitProtect-io

DevOps threats report released from GitProtect io


Monday, August 12, 2024 by

Outages, human errors, cyberattacks, data breaches, ransomware, security vulnerabilities, and, as a result, data loss are the reality that DevSecOps teams have to face...even every few days. The State of DevOps threats report - teams affected every few days GitProtect.io recently presented its studies on the most severe incidents affecting tools like GitHub...


Secure-software-development-education-report-from-the-Linux-Foundation

Secure software development education report from the Linux Foundation


Wednesday, August 7, 2024 by

Linux Foundation Research and the Open Source Security Foundation (OpenSSF) are pleased to release a new report titled "Secure Software Development Education 2024 Survey: Understanding Current Needs." Based on a survey of nearly 400 software development professionals, the analysis explores the current state of secure software development. It underscores&n...


Social-engineering-takeover-attacks-are-on-the-rise

Social engineering takeover attacks are on the rise


Thursday, April 18, 2024 by

OpenSSF and the OpenJS Foundation (home to JavaScript projects used by billions of websites worldwide) are alerting open-source project maintainers of social engineering takeover attacks, following new attack attempts they’ve witnessed similar to the XZ Utils incident. The OpenJS Cross Project Council received suspicious emails, imploring OpenJS to update one o...


Veracode-acquires-Longbow-Security

Veracode acquires Longbow Security


Thursday, April 18, 2024 by

Veracode announced the acquisition of Longbow Security, a security risk management platform for cloud-native environments. The acquisition marks the next exciting phase of Veracode, underscoring the company’s commitment to help organizations effectively manage and reduce application risk across the growing attack surface. The integration of Longbow in...


AI-integration-challenges-software-developers

AI integration challenges software developers


Wednesday, March 13, 2024 by

The promise and perils of Artificial Intelligence (AI) has been dominating the headlines with everyone from software developers to students working on ways to integrate it into their daily processes. This burgeoning interest in AI is borne out by the fifth annual Reveal 2024 Top Software Development Challenges survey, which found that the biggest software development ch...


ONCD-asks-software-manufacturers-to-adopt-memory-safe-languages

ONCD asks software manufacturers to adopt memory safe languages


Tuesday, March 5, 2024 by

The White House Office of the National Cyber Director (ONCD) has released a new report asking software manufacturers to adopt memory-safe programming languages to help reduce vulnerabilities from entering the supply chain. "For thirty-five years, memory safety vulnerabilities have plagued the digital ecosystem, but it doesn’t have to be this way. This repo...


Secure-software-development-insights-from-The-Linux-Foundation

Secure software development insights from The Linux Foundation


Monday, February 5, 2024 by

The Linux Foundation published a new report, Maintainer Perspectives on Open Source Software Security, based on a survey of OSS maintainers and core contributors, to understand perspectives on OSS security and the uptake and adoption of security best practices by maintainers, core contributors, end users, and other members of the OSS ecosystem. Maintainer Perspective...


Cybersecurity-performance-optimization-updates-from-Logpoint

Cybersecurity performance optimization updates from Logpoint


Friday, February 2, 2024 by

Logpoint is releasing new capabilities to its Converged SIEM platform, enhancing threat detection and security operations and streamlining case management. Organizations can focus on essential security matters with the new capabilities by reducing workload, simplifying automation, and freeing up resources. The new release delivers increased system stability and ...


Cloud-radio-access-networks-industry-growth-projections

Cloud radio access networks industry growth projections


Thursday, February 1, 2024 by

The global cloud radio access network market is projected to grow at a staggering 22.9% value CAGR, reaching US$ 43.2 Billion, following an assessment period ranging from 2022-2032. As per a newly published report on this industry by Fact.MR, a valuation of US$ 5.5 Billion has been anticipated during FY 2022. Furthermore, the market is expected to yield a dollar opportu...


Software-delivery-lifecycle-security-predictions-from-OpsMx

Software delivery lifecycle security predictions from OpsMx


Wednesday, December 20, 2023 by

Heading into 2024, enterprises face mounting security concerns related to data breaches, evolving privacy regulations, and their increasing reliance on the cloud and software service providers. As such, they are under increasing pressure to secure the software delivery lifecycle and better understand where the threats are coming from and what their vulnerabilities are. ...


AI-cybersecurity-impacts-according-to-NetLib-Security

AI cybersecurity impacts according to NetLib Security


Monday, December 18, 2023 by

This is an easy call to make: NetLib Security predicts that Artificial Intelligence - Generative AI - will continue to heavily impact the world of cybersecurity, upping the game for defensive players, while giving cybercriminals more tools on the offensive side. 2023 was a year in which AI seemed suddenly to be everywhere. Although AI is not a new field, ChatGPT and ...


ASPM-2024-report-from-Cycode

ASPM 2024 report from Cycode


Friday, December 15, 2023 by

Cycode announced the release of its inaugural State of ASPM 2024 report. The research found that AppSec chaos reigns, with 78% of CISOs responding that today’s AppSec attack surfaces are unmanageable and 90% of responders confirmed relationships between their security and development teams need to improve. Surprisingly, 77% of CISOs believe software supply ch...


AI-app-development-assistant-lands-from-NodeSource

AI app development assistant lands from NodeSource


Thursday, November 30, 2023 by

NodeSource, the Node.js observability, application management, monitoring, and security platform, announced the launch of the N|Solid Copilot, an AI assistant integrated into the Console of N|Solid Pro. Leveraging the N|Solid Pro platform to capture the most detailed telemetry for applications and paired with the company’s Node.js experts and OpenAI, the...


API-security-risks-report-exposes-Netflix-and-Wordpress

API security risks report exposes Netflix and Wordpress


Monday, November 27, 2023 by

Wallarm, the end-to-end API and app security company, announced the release of its Q3-2023 Wallarm API ThreatStats report. The quarterly report details the surge in threats centered around APIs and uncovers critical vulnerabilities, like injections and API data leaks, that have recently impacted leading firms, including Netflix, VMware, and SAP. The new report i...


AI-performance-monitoring-from-Datadog-and-Vertex-AI

AI performance monitoring from Datadog and Vertex AI


Thursday, November 16, 2023 by

Datadog, Inc., the monitoring and security platform for cloud applications, announced an expanded strategic partnership with Google Cloud, which enables Google Cloud customers to proactively observe and secure their cloud-native and hybrid applications within Datadog’s unified platform. As part of the expanded partnership and integrations, Datadog is one of the fi...


Detect-hard-coded-secrets-with-new-capabilities-from-Cycode

Detect hard coded secrets with new capabilities from Cycode


Thursday, August 10, 2023 by

Cycode announced the expansion of its hard-coded secrets detection in cloud-based workplaces, as well as a collaboration with Azure DevOps pipelines to ensure end-to-end supply chain integrity and a new IDE plug-in for seamless integration with VS Code. Building upon its existing code-to-cloud coverage, Cycode now extends its secrets scanning capabilities to encompas...


App-security-training-enhancements-by-Security-Journey

App security training enhancements by Security Journey


Wednesday, July 19, 2023 by

Security Journey announced an acceleration of its secure coding training platform enhancements. Since combining HackEDU and Security Journey training offerings into one Platform, the company has added or refreshed almost 200 lessons and 25 languages, frameworks, and technologies; giving customers even more new training content to improve secure coding knowledge gain of ...


NFT-marketplace-and-gallery-to-launch-from-Trend-Innovations

NFT marketplace and gallery to launch from Trend Innovations


Wednesday, April 26, 2023 by

Trend Innovations Holding Inc. has recently announced that they will combine two recent acquisitions to upgrade and launch a more robust version of the company's newly acquired InstantFAME platform. InstantFAME is a mobile and web application, which operates in the multi-billion-dollar digital artwork marketplace for artists to securely publish and sell their d...


Oxeye-discovers-vulnerability-in-HashiCorp-Vault-Project

Oxeye discovers vulnerability in HashiCorp Vault Project


Tuesday, April 25, 2023 by

Oxeye announced the discovery of a new vulnerability in the HashiCorp Vault Project that has now been patched. HashiCorp Vault is a popular identity-based secret and encryption management system used to control access to API encryption keys, passwords, and certificates. The vulnerability was automatically discovered and reported by the Oxeye Platform during a deployment...


SBOM-mandate-to-improve-cybersecurity-in-the-US

SBOM mandate to improve cybersecurity in the US


Friday, March 17, 2023 by

The number of cyberattacks waged against government sectors worldwide increased by 95% in the second half of 2022 compared to the same time period in 2021. (1) The global cost of cyberattacks is expected to grow exponentially from $8.44 trillion in 2022 to $23.84 trillion by 2027. (2) To support the nation’s critical infrastructure and Federal Government networks,...


AppSec-2023-predictions-from-Oxeye-Security

AppSec 2023 predictions from Oxeye Security


Wednesday, February 8, 2023 by

Oxeye, the provider of award-winning cloud-native application security, announced five predictions expected to shape enterprise security spending in 2023. The predictions follow industry-wide research which shows the industry is shifting away from legacy software infrastructure and standardizing on cloud-native applications resulting in the need for new and more ef...


Will-AI-make-us-more-secure

Will AI make us more secure


Friday, February 3, 2023 by

ChatGPT, the dialogue-based AI chatbot capable of understanding natural human language, has become another icon in the disruptor ecosystem. Gaining over 1 million registered users in just 5 days, it has become the fastest-growing tech platform ever. ChatGPT generates impressively detailed human-like written text and thoughtful prose, following a text input prompt. ...


ChatGPT-gains-1-million-users-within-5-days

ChatGPT gains 1 million users within 5 days


Friday, December 23, 2022 by

ChatGPT has gained over 1 million registered users in just 5 days, it became the fastest-growing tech platform ever. ChatGPT generates impressively detailed human-like written text and thoughtful prose, after being fed a text input prompt. In addition, ChatGPT also writes code. The Web3 community was intrigued, curious, and shocked by the power of this AI Chatbot. No...


Zero-trust-policies-for-software-releases-could-be-key

Zero trust policies for software releases could be key


Thursday, December 8, 2022 by

Today’s integrated DevOps methodology offers businesses the promise of accelerating innovation by providing customers and employees with new application capabilities faster. However, this approach can also increase risks associated with cybercrime and the failure to comply with rapidly evolving privacy regulations. As a result, minimizing security risk during the ...


Game-of-Chains-launches-from-Cosmos

Game of Chains launches from Cosmos


Monday, November 28, 2022 by

The Interchain Foundation (ICF), a Swiss non-profit that funds, stewards, and advances the Cosmos Ecosystem has announced the details of Game of Chains, the third public incentivized testnet in the history of Cosmos, following Game of Stakes and Game of Zones. A global community effort set to help validators develop confidence around Interchain Security and provide a pu...


Open-Bug-Bounty-has-fixed-1-million-vulnerabilities

Open Bug Bounty has fixed 1 million vulnerabilities


Monday, November 7, 2022 by

Open Bug Bounty is an open, disintermediated, cost-free, and community-driven Bug Bounty platform for coordinated, responsible, and ISO 29147 compatible vulnerability disclosure. It passed the milestone on 27 October of fixing over 1,000,000 web security vulnerabilities. The Open Bug Bounty project enables website owners to receive advice and support from&n...


Decentralized-wallets-suggested-after-Solana-hack

Decentralized wallets suggested after Solana hack


Wednesday, August 17, 2022 by

The recent hack on the Solana cryptocurrency wallet has led to a drain of millions of dollars, which raised concerns about the security of the crypto ecosystem. Against this backdrop, the volume of discussions around 'Solana' among Twitter influencers surged in the first week of August as most of them commended the use of decentralized or open source w...


The-CodeLogic-CSI-lands-to-reduce-software-breaking-code

The CodeLogic CSI lands to reduce software breaking code


Thursday, July 14, 2022 by

CodeLogic, the Continuous Software Intelligence company, has launched the developer toolkit that scans post-compile binaries, runtime app behavior, and database connections to provide a complete and up-to-the-second picture of infrastructure-wide software connections and dependencies. CodeLogic says they address the unrelenting complexity that, according ...


ImmuniWeb-Neuron-web-security-scanning

ImmuniWeb Neuron web security scanning


Friday, June 10, 2022 by

ImmuniWeb has announced the launch of ImmuniWeb Neuron, a web application and API web security scanning solution that is based on the award-winning ImmuniWeb AI Platform available. ImmuniWeb Neuron is designed to rapidly scan tens, hundreds, or even thousands of web applications and APIs for vulnerabilities, weaknesses, and misconfigurations. It c...


Playable-NFT-graphical-novel-Quantum-Noesis-lands

Playable NFT graphical novel Quantum Noesis lands


Monday, May 2, 2022 by

EVI (short for Electronic Virtual Intelligence) is on the verge of achieving sentience as the first true general Artificial Intelligence. But there are powerful forces at work to destroy her! To safeguard the Noesis Network, EVI has gamified part of her security, transforming vulnerabilities in the code into audiovisual puzzles that are easier for the human mind to g...


Why-developers-need-security

Why developers need security


Friday, February 18, 2022 by

They say that everything is personal. Well, so is code development. Since childhood, I was surrounded by developers my father was a developer, my uncle was a developer, and that was all I knew growing up. When people asked me what I wanted to do when I got older, the only answer was, well, to become a developer. Code development was very different back then, we lea...


Software-company-LeanIX-celebrates-10th-anniversary

Software company LeanIX celebrates 10th anniversary


Friday, February 4, 2022 by

LeanIX celebrates 10 years in business this month. An international success story, LeanIX has quickly earned the trust of 650 customers, including more than 10 percent of the Global 500, and serves 150,000 users worldwide. This 10th anniversary follows a year that saw LeanIX continue to grow at 60%, successfully complete a major acquisition (Cleanshelf), sign ...


DevOps-predictions-for-2022

DevOps predictions for 2022


Wednesday, January 19, 2022 by

Yoav Landman, Co-Founder, and CTO of JFrog created Artifactory after 7 years as a senior consultant with AlphaCSP. He has held several senior technical roles with Attunity, Verve, and Sausage. Yoav holds a Master of Computing degree from RMIT University and a BA in Law (LLB) from Haifa University. Low-Code/No-Code, Metaverse, and DevOps predictions for 2022 Landma...