vulnerabilities

vulnerabilities news search results

Developer news items we found relating to vulnerabilities

35 results
AI-solutions-for-US-government

AI solutions for US government


Monday, December 23, 2024 by

Seekr and Carahsoft Technology Corp. have announced a partnership. Under the agreement, Carahsoft will serve as Seekr’s Master Government Aggregator, making the company’s reliable and transparent AI platform available to the Public Sector through Carahsoft’s reseller partners and NASA Solutions for Enterprise-Wide Procurement (SEWP) V, Information Tech...


Why-your-ChatGPT-app-will-need-a-no-code-rescue

Why your ChatGPT app will need a no-code rescue


Wednesday, December 18, 2024 by

Josh Haas explains how generative AI falls short in app development, leaving founders to face challenges like iteration, security, and usability. He highlights how pairing AI with no-code platforms enables faster, scalable, and secure app creation. Why your ChatGPT app will need a no-code rescue Every day, we see YouTube videos of people using AI to turn plain English...


Real-time-security-software-development-from-Symbiotic-Security

Real time security software development from Symbiotic Security


Friday, November 22, 2024 by

Symbiotic Security launched a real-time security for software development that combines detection and remediation with just-in-time training – incorporating security testing and training directly into the development process without breaking developers’ workflows. Backed with $3 million of seed funding from investors including Lerer Hippeau, Axeleo C...


Microsoft-misconfigurations-expose-millions-of-records-globally

Microsoft misconfigurations expose millions of records globally


Monday, November 18, 2024 by

In September 2024, significant data exposure was discovered within Microsoft Power Pages, a low-code SaaS platform, due to misconfigured access controls. The exposure, which potentially affected millions of individuals, highlights the risks associated with excessive permissions granted to the platform's "Anonymous" and "Authenticated" user roles....


Off-the-shelf-intelligent-automation-beats-custom-ECM-monitoring

Off-the-shelf intelligent automation beats custom ECM monitoring


Monday, October 14, 2024 by

The accumulation of digital information is overwhelming, and the reliance on increasing access must be recognized. The danger in this climate is that storage capacity can be quickly consumed if structured and unstructured data are not adequately managed. More storage can lead to more costs and complexity - especially regarding compliance mandates. On top of that, more t...


Increasing-cyber-threats-from-artificial-intelligence

Increasing cyber threats from artificial intelligence


Wednesday, October 9, 2024 by

The UK Cybersecurity M&A market has grown significantly over the past decade, with the deal volume trend line increasing, and the sector continuing to attract significant investment from Private Equity, alongside larger corporates consolidating emerging technologies to counter increasingly sophisticated threats. The UK National Cyber Security Centre has...


Vulnerabilities-in-Apple-products-alert

Vulnerabilities in Apple products alert


Monday, September 30, 2024 by

CERT-In has recently issued Advisory CIAD-2024-0046, highlighting multiple high-severity vulnerabilities in Apple products. The vulnerabilities affect a wide range of Apple software, including iOS versions prior to 18, iPadOS versions prior to 18, macOS Sonoma versions prior to 14.7, macOS Ventura versions prior to 13.7, and the upcoming macOS Sequoia versions prior to ...


AI-regulations-in-software-development

AI regulations in software development


Tuesday, August 27, 2024 by

AI is rapidly changing the software development field, making clear regulations essential to prevent risks like data breaches and ensure ethical practices. These regulations are also key to reshaping developer roles while preserving the need for human expertise. AI regulations in software development The implementation of formal AI policies within companies is cri...


DevOps-threats-report-released-from-GitProtect-io

DevOps threats report released from GitProtect io


Monday, August 12, 2024 by

Outages, human errors, cyberattacks, data breaches, ransomware, security vulnerabilities, and, as a result, data loss are the reality that DevSecOps teams have to face...even every few days. The State of DevOps threats report - teams affected every few days GitProtect.io recently presented its studies on the most severe incidents affecting tools like GitHub...


Secure-software-development-education-report-from-the-Linux-Foundation

Secure software development education report from the Linux Foundation


Wednesday, August 7, 2024 by

Linux Foundation Research and the Open Source Security Foundation (OpenSSF) are pleased to release a new report titled "Secure Software Development Education 2024 Survey: Understanding Current Needs." Based on a survey of nearly 400 software development professionals, the analysis explores the current state of secure software development. It underscores&n...


Social-engineering-takeover-attacks-are-on-the-rise

Social engineering takeover attacks are on the rise


Thursday, April 18, 2024 by

OpenSSF and the OpenJS Foundation (home to JavaScript projects used by billions of websites worldwide) are alerting open-source project maintainers of social engineering takeover attacks, following new attack attempts they’ve witnessed similar to the XZ Utils incident. The OpenJS Cross Project Council received suspicious emails, imploring OpenJS to update one o...


Veracode-acquires-Longbow-Security

Veracode acquires Longbow Security


Thursday, April 18, 2024 by

Veracode announced the acquisition of Longbow Security, a security risk management platform for cloud-native environments. The acquisition marks the next exciting phase of Veracode, underscoring the company’s commitment to help organizations effectively manage and reduce application risk across the growing attack surface. The integration of Longbow in...


AI-integration-challenges-software-developers

AI integration challenges software developers


Wednesday, March 13, 2024 by

The promise and perils of Artificial Intelligence (AI) has been dominating the headlines with everyone from software developers to students working on ways to integrate it into their daily processes. This burgeoning interest in AI is borne out by the fifth annual Reveal 2024 Top Software Development Challenges survey, which found that the biggest software development ch...


ONCD-asks-software-manufacturers-to-adopt-memory-safe-languages

ONCD asks software manufacturers to adopt memory safe languages


Tuesday, March 5, 2024 by

The White House Office of the National Cyber Director (ONCD) has released a new report asking software manufacturers to adopt memory-safe programming languages to help reduce vulnerabilities from entering the supply chain. "For thirty-five years, memory safety vulnerabilities have plagued the digital ecosystem, but it doesn’t have to be this way. This repo...


Secure-software-development-insights-from-The-Linux-Foundation

Secure software development insights from The Linux Foundation


Monday, February 5, 2024 by

The Linux Foundation published a new report, Maintainer Perspectives on Open Source Software Security, based on a survey of OSS maintainers and core contributors, to understand perspectives on OSS security and the uptake and adoption of security best practices by maintainers, core contributors, end users, and other members of the OSS ecosystem. Maintainer Perspective...


Cybersecurity-performance-optimization-updates-from-Logpoint

Cybersecurity performance optimization updates from Logpoint


Friday, February 2, 2024 by

Logpoint is releasing new capabilities to its Converged SIEM platform, enhancing threat detection and security operations and streamlining case management. Organizations can focus on essential security matters with the new capabilities by reducing workload, simplifying automation, and freeing up resources. The new release delivers increased system stability and ...


Cloud-radio-access-networks-industry-growth-projections

Cloud radio access networks industry growth projections


Thursday, February 1, 2024 by

The global cloud radio access network market is projected to grow at a staggering 22.9% value CAGR, reaching US$ 43.2 Billion, following an assessment period ranging from 2022-2032. As per a newly published report on this industry by Fact.MR, a valuation of US$ 5.5 Billion has been anticipated during FY 2022. Furthermore, the market is expected to yield a dollar opportu...


Software-delivery-lifecycle-security-predictions-from-OpsMx

Software delivery lifecycle security predictions from OpsMx


Wednesday, December 20, 2023 by

Heading into 2024, enterprises face mounting security concerns related to data breaches, evolving privacy regulations, and their increasing reliance on the cloud and software service providers. As such, they are under increasing pressure to secure the software delivery lifecycle and better understand where the threats are coming from and what their vulnerabilities are. ...


AI-cybersecurity-impacts-according-to-NetLib-Security

AI cybersecurity impacts according to NetLib Security


Monday, December 18, 2023 by

This is an easy call to make: NetLib Security predicts that Artificial Intelligence - Generative AI - will continue to heavily impact the world of cybersecurity, upping the game for defensive players, while giving cybercriminals more tools on the offensive side. 2023 was a year in which AI seemed suddenly to be everywhere. Although AI is not a new field, ChatGPT and ...


ASPM-2024-report-from-Cycode

ASPM 2024 report from Cycode


Friday, December 15, 2023 by

Cycode announced the release of its inaugural State of ASPM 2024 report. The research found that AppSec chaos reigns, with 78% of CISOs responding that today’s AppSec attack surfaces are unmanageable and 90% of responders confirmed relationships between their security and development teams need to improve. Surprisingly, 77% of CISOs believe software supply ch...


AI-app-development-assistant-lands-from-NodeSource

AI app development assistant lands from NodeSource


Thursday, November 30, 2023 by

NodeSource, the Node.js observability, application management, monitoring, and security platform, announced the launch of the N|Solid Copilot, an AI assistant integrated into the Console of N|Solid Pro. Leveraging the N|Solid Pro platform to capture the most detailed telemetry for applications and paired with the company’s Node.js experts and OpenAI, the...


API-security-risks-report-exposes-Netflix-and-Wordpress

API security risks report exposes Netflix and Wordpress


Monday, November 27, 2023 by

Wallarm, the end-to-end API and app security company, announced the release of its Q3-2023 Wallarm API ThreatStats report. The quarterly report details the surge in threats centered around APIs and uncovers critical vulnerabilities, like injections and API data leaks, that have recently impacted leading firms, including Netflix, VMware, and SAP. The new report i...


AI-performance-monitoring-from-Datadog-and-Vertex-AI

AI performance monitoring from Datadog and Vertex AI


Thursday, November 16, 2023 by

Datadog, Inc., the monitoring and security platform for cloud applications, announced an expanded strategic partnership with Google Cloud, which enables Google Cloud customers to proactively observe and secure their cloud-native and hybrid applications within Datadog’s unified platform. As part of the expanded partnership and integrations, Datadog is one of the fi...


Detect-hard-coded-secrets-with-new-capabilities-from-Cycode

Detect hard coded secrets with new capabilities from Cycode


Thursday, August 10, 2023 by

Cycode announced the expansion of its hard-coded secrets detection in cloud-based workplaces, as well as a collaboration with Azure DevOps pipelines to ensure end-to-end supply chain integrity and a new IDE plug-in for seamless integration with VS Code. Building upon its existing code-to-cloud coverage, Cycode now extends its secrets scanning capabilities to encompas...


App-security-training-enhancements-by-Security-Journey

App security training enhancements by Security Journey


Wednesday, July 19, 2023 by

Security Journey announced an acceleration of its secure coding training platform enhancements. Since combining HackEDU and Security Journey training offerings into one Platform, the company has added or refreshed almost 200 lessons and 25 languages, frameworks, and technologies; giving customers even more new training content to improve secure coding knowledge gain of ...


NFT-marketplace-and-gallery-to-launch-from-Trend-Innovations

NFT marketplace and gallery to launch from Trend Innovations


Wednesday, April 26, 2023 by

Trend Innovations Holding Inc. has recently announced that they will combine two recent acquisitions to upgrade and launch a more robust version of the company's newly acquired InstantFAME platform. InstantFAME is a mobile and web application, which operates in the multi-billion-dollar digital artwork marketplace for artists to securely publish and sell their d...


Oxeye-discovers-vulnerability-in-HashiCorp-Vault-Project

Oxeye discovers vulnerability in HashiCorp Vault Project


Tuesday, April 25, 2023 by

Oxeye announced the discovery of a new vulnerability in the HashiCorp Vault Project that has now been patched. HashiCorp Vault is a popular identity-based secret and encryption management system used to control access to API encryption keys, passwords, and certificates. The vulnerability was automatically discovered and reported by the Oxeye Platform during a deployment...


SBOM-mandate-to-improve-cybersecurity-in-the-US

SBOM mandate to improve cybersecurity in the US


Friday, March 17, 2023 by

The number of cyberattacks waged against government sectors worldwide increased by 95% in the second half of 2022 compared to the same time period in 2021. (1) The global cost of cyberattacks is expected to grow exponentially from $8.44 trillion in 2022 to $23.84 trillion by 2027. (2) To support the nation’s critical infrastructure and Federal Government networks,...


AppSec-2023-predictions-from-Oxeye-Security

AppSec 2023 predictions from Oxeye Security


Wednesday, February 8, 2023 by

Oxeye, the provider of award-winning cloud-native application security, announced five predictions expected to shape enterprise security spending in 2023. The predictions follow industry-wide research which shows the industry is shifting away from legacy software infrastructure and standardizing on cloud-native applications resulting in the need for new and more ef...


Will-AI-make-us-more-secure

Will AI make us more secure


Friday, February 3, 2023 by

ChatGPT, the dialogue-based AI chatbot capable of understanding natural human language, has become another icon in the disruptor ecosystem. Gaining over 1 million registered users in just 5 days, it has become the fastest-growing tech platform ever. ChatGPT generates impressively detailed human-like written text and thoughtful prose, following a text input prompt. ...


ChatGPT-gains-1-million-users-within-5-days

ChatGPT gains 1 million users within 5 days


Friday, December 23, 2022 by

ChatGPT has gained over 1 million registered users in just 5 days, it became the fastest-growing tech platform ever. ChatGPT generates impressively detailed human-like written text and thoughtful prose, after being fed a text input prompt. In addition, ChatGPT also writes code. The Web3 community was intrigued, curious, and shocked by the power of this AI Chatbot. No...


Zero-trust-policies-for-software-releases-could-be-key

Zero trust policies for software releases could be key


Thursday, December 8, 2022 by

Today’s integrated DevOps methodology offers businesses the promise of accelerating innovation by providing customers and employees with new application capabilities faster. However, this approach can also increase risks associated with cybercrime and the failure to comply with rapidly evolving privacy regulations. As a result, minimizing security risk during the ...


Game-of-Chains-launches-from-Cosmos

Game of Chains launches from Cosmos


Monday, November 28, 2022 by

The Interchain Foundation (ICF), a Swiss non-profit that funds, stewards, and advances the Cosmos Ecosystem has announced the details of Game of Chains, the third public incentivized testnet in the history of Cosmos, following Game of Stakes and Game of Zones. A global community effort set to help validators develop confidence around Interchain Security and provide a pu...


Open-Bug-Bounty-has-fixed-1-million-vulnerabilities

Open Bug Bounty has fixed 1 million vulnerabilities


Monday, November 7, 2022 by

Open Bug Bounty is an open, disintermediated, cost-free, and community-driven Bug Bounty platform for coordinated, responsible, and ISO 29147 compatible vulnerability disclosure. It passed the milestone on 27 October of fixing over 1,000,000 web security vulnerabilities. The Open Bug Bounty project enables website owners to receive advice and support from&n...


Decentralized-wallets-suggested-after-Solana-hack

Decentralized wallets suggested after Solana hack


Wednesday, August 17, 2022 by

The recent hack on the Solana cryptocurrency wallet has led to a drain of millions of dollars, which raised concerns about the security of the crypto ecosystem. Against this backdrop, the volume of discussions around 'Solana' among Twitter influencers surged in the first week of August as most of them commended the use of decentralized or open source w...