Archive

blogblog
Stop F@#!ing (Forking) Your Dependencies

Stop F@#!ing (Forking) Your Dependencies

98% of PyMySQL forks are vulnerable to SQL Injection

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #50: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #50: Weekly Cybersecurity Newsletter!

WAFs are dead, will ADR save us? PyPi responds to 90% of malicious packages within 24hrs! Unprotected Container Registries

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #49: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #49: Weekly Cybersecurity Newsletter!

Hacker Summer Camp, 390 Vulnerabilities added to KEV, using AI to upgrade npm packages, GitHub Workflow Vulnerabilities, Open-Source Software Security

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #48: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #48: Weekly Cybersecurity Newsletter!

Vegas, Cross Fork Object Reference, Apple's AI Prompts, EPSS, and NVD

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #47: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #47: Weekly Cybersecurity Newsletter!

Where are all the youth in open source?, Offline Malware Analysis Tool, GitHub's Dependency Graph, Hacker Summer Camp

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #46: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #46: Weekly Cybersecurity Newsletter!

Switzerland mandates software source code disclosure, Malicious NuGet Packages, Go Capability Analysis, Open Source Software Security

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #45: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #45: Weekly Cybersecurity Newsletter!

PyPi dodges a bullet, Google domains hijacked, CISA broke into a US federal agency, and more!

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #44: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #44: Weekly Cybersecurity Newsletter!

Risks in dependency managers, ChatGPT stores history in clear-text, CI/CD Attacks Everywhere, Secure Software Development Education 2024 Survey

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #43: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #43: Weekly Cybersecurity Newsletter!

New CVE rules, AI catastrophe, critical CocoaPods flaws, GitLab pipeline bug, OpenSSH vulnerability, unsafe Ruby deserialization, Maven Central bandwidth issues

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #42: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #42: Weekly Cybersecurity Newsletter!

Google Project Zero: offensive security with LLMs, Data leak @ Apple, polyfill.io supply chain attack, AI Vulnerabilities

Kyle Kelly
blogblog
Beyond the CVE: Analyzing the Depth of GitHub Security Advisories

Beyond the CVE: Analyzing the Depth of GitHub Security Advisories

Understanding the GitHub Security Advisory Database: A Must-Know for Open-Source Developers and Consumers

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #41: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #41: Weekly Cybersecurity Newsletter!

CISO & Investor conflict of interest, Career Growth, npm was vulnerable to what?!?, 75% of organizations experienced supply chain attacks

Kyle Kelly
FirstBack
12345678
Next Last