application security

npm logo. Photo by RealToughCandy.com

Researcher: malicious packages lurked on npm for months

Researchers at ReversingLabs said they discovered two npm open source packages that contained malicious code linked to open source malware known as TurkoRat.

Cyber image

Spotlight: Traceable CSO Richard Bird on Securing the API Economy

In this Spotlight episode of the Security Ledger podcast, I interview Richard Bird, the CSO of the firm Traceable AI about the challenge of securing application programming interfaces (APIs), which are increasingly being abused to steal sensitive data.

Adobe Software Coding Concept

Leonardo DRZ wins first ever TCG CodeGen Developer Challenge

President and Chairman of Trusted Computing Group (TCG), Dr. Joerg Borchert, shares the news regarding TCG’s first ever CodeGen Developer Challenge.

Source Code Secret

Spotlight: How Secrets Sprawl Undermines Software Supply Chain Security

Mackenzie Jackson, the Developer Advocate at GitGuardian joins Paul to discuss how “secrets sprawl” on sites like GitHub threatens software supply chains.

Application Security

Want To Prevent Another SolarWinds? Start With Developers

An all-star roundtable of security experts tackles the question of how to prevent another SolarWinds.