Archive

CramHacks Chronicles #68: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #68: Weekly Cybersecurity Newsletter!

Veracode Acquires Phylum, AWS RCE Vulnerabilities, Elastic CVE Reduction, 2024 CVE Review, PyPI Quarantine, Bundler Checksums, Python Malware Detection

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #67: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #67: Weekly Cybersecurity Newsletter!

Happy New Year! GitHub Cache-Native Malware, Hijacking Chrome Extensions, 2024 Blog Recap, Microsoft using third-party domains

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #66: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #66: Weekly Cybersecurity Newsletter!

GitHub tackles workflow vulnerabilities, finding undisclosed vulnerabilities using LLMs, container image signing, chasing quality OSS license data, OSS funding report

Kyle Kelly
CramHacks Chronicles #65: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #65: Weekly Cybersecurity Newsletter!

'What sucks in security,' Tool sprawl woes, Vanir’s patch validation, Ultralytics compromised, and supply chain security annual reports!

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #64: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #64: Weekly Cybersecurity Newsletter!

@solana/web3.js Breach, Census III Insights, Encrypted Apps Warning, Dependency Confusion Challenges, Redis Crate Controversy, WordPress Auth Flaw

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #63: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #63: Weekly Cybersecurity Newsletter!

CWE Top 25, OSS Dataset for Malware, Arch Linux RFC for upstream package handling, GitHub Wiki Malware Tactics, AI Fuzzing, Malicious linPEAS Fork

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #62: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #62: Weekly Cybersecurity Newsletter!

From Repo Swatting to PyPI Attestations: Supply Chain Security, eBPF Research, and Tools to Mitigate Emerging Threats

Kyle Kelly
blogblog
Stop Detecting, Start Fixing: Dependency Upgrades as the Real Solution

Stop Detecting, Start Fixing: Dependency Upgrades as the Real Solution

Dependency upgrades are the simplest, most effective way to mitigate risks—so why aren’t they the priority?

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #61: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #61: Weekly Cybersecurity Newsletter!

CISA's Top Exploited CVEs, Snyk's Probely Acquisition, Dependabot's Copilot Autofix, OSS Maintainers on Vulnerability Management, and Perforce’s Puppet Source Shift

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #60: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #60: Weekly Cybersecurity Newsletter!

Fuzzing, Security Audits, and New Tools: A Look at Recent Developments in the Open Source Software Security Landscape.

Kyle Kelly
blogblog
Are Automated PRs Closing the Gap in Dependency Updates?

Are Automated PRs Closing the Gap in Dependency Updates?

A look at the real-world impact of automated dependency upgrades via tools like Dependabot and Renovate on modern open-source projects

Kyle Kelly
newsletternewsletter
CramHacks Chronicles #59: Weekly Cybersecurity Newsletter!

CramHacks Chronicles #59: Weekly Cybersecurity Newsletter!

Linus Torvalds and why Linux kernel removed Russian maintainers, Intern corrupts AI model, NASA awards $15.6M to open source projects

Kyle Kelly
FirstBack
12345678
Next Last