Where are all the youth in open source?, Offline Malware Analysis Tool, GitHub's Dependency Graph, Hacker Summer Camp
Switzerland mandates software source code disclosure, Malicious NuGet Packages, Go Capability Analysis, Open Source Software Security
PyPI dodges a bullet, Google domains hijacked, CISA broke into a US federal agency, and more!
Risks in dependency managers, ChatGPT stores history in clear-text, CI/CD Attacks Everywhere, Secure Software Development Education 2024 Survey
New CVE rules, AI catastrophe, critical CocoaPods flaws, GitLab pipeline bug, OpenSSH vulnerability, unsafe Ruby deserialization, Maven Central bandwidth issues
Google Project Zero: offensive security with LLMs, Data leak @ Apple, polyfill.io supply chain attack, AI Vulnerabilities
Understanding the GitHub Security Advisory Database: A Must-Know for Open-Source Developers and Consumers
CISO & Investor conflict of interest, Career Growth, npm was vulnerable to what?!?, 75% of organizations experienced supply chain attacks
Exposed secrets everywhere! Offensive CI/CD Techniques, Common Misconceptions in Vulnerability Management
Exposing Common Misconceptions about CVEs, NVD, KEV Catalog, and EPSS
How good are LLMs at patching vulnerabilities? GitHub Artifact Attestations, MegaLinter, Malware distributed via StackOverflow
Stirring the pot, testing the top five AI Chatbots, using GitHub Actions for SOC2 Compliance, The Proactive Software Supply Chain Risk Management Framework