Archive

6 results for tag Appdev:

Malware Infects NetBeans Projects In Software Supply Chain Attack

The Octopus Scanner malware compromised 26 open source projects hosted on GitHub in a new supply chain attack targeting NetBeans projects, GitHub Security Lab said.

Supply Chain, Appdev, Github

GitHub Expands Scanning to Find Security Flaws in Code

The goal for secure software isn’t to never have vulnerabilities, but to be able to find vulnerabilities as soon as possible so that they can be fixed. GitHub has expanded its code scanning capabilities to make it easier for developers to identify flaws in projects that are managed on its platform.

Open Source, Github, Vulnerability, Appdev

Give IT a Break from Software Updates

Microsoft said it will pause non-security Windows updates beginning in May as part of its plan to reduce the update pressure on IT and security teams, as they are busy keeping organizations operational during the COVID-19 pandemic. Other software companies are adjusting their release schedules, recognizing that IT and security teams are currently stretched thin.

Appsec, Application Security, Appdev, Ciso, Patch

Older Bugs in Software Add to Security Debt

In the rush to fix newer vulnerabilities, the older ones are left unaddressed. The resulting security debt increases the organization's risk of a breach, Veracode warned.

Application Security, Appdev, Appsec, Software Security, Software Development

FTC to Developers: Get Consent

The FTC action against a developer of "stalking" apps emphasized that installing an app that hid its presence on the device and didn't notify the user of what it was doing was against the law.

Privacy, Government, Appdev