Network Security3,000 exposed ASP.NET keys could perform code injection attacksSteve ZurierFebruary 7, 2025Microsoft worries the leaked keys could be pushed into development code without modification, leaving it open to security issues.
DevSecOpsWhy we need a better approach to DevSecOpsJosh Lemos February 4, 2025A genuine collaborative approach between teams will deliver the security the industry requires.
Vulnerability Management1-click RCE possible by combining vulnerabilities in Voyager PHPSteve ZurierJanuary 30, 2025Chaining the Voyager PHP flaws together could let attackers steal sensitive GitHub project files.
Cloud SecurityWhy we need a unified approach to Kubernetes environmentsPeter Kelly January 29, 2025A unified Kubernetes approach promises simplified operations, enhanced security, and more efficient threat detection.
DevOpsNPM package poses as legit Ethereum smart contract, injects Quasar RATSteve ZurierJanuary 2, 2025Quasar RAT has circulated in cybercrime and APT campaigns since July 2014.
Vulnerability ManagementMicrosoft: Immediate .NET installer link update neededSC StaffDecember 31, 2024Microsoft has called on .NET developers to ensure that their apps and developer pipelines no longer use azureedge.net domains amid the impending shutdown of Content Delivery Network provider Edgio, BleepingComputer reports.
AI/MLFive ways to tighten up Kubernetes securityRatan Tipirneni December 3, 2024Kubernetes will become the de facto GenAI app platform in 2025 – and here's why.
Cloud SecurityMalicious Python package collects AWS credentials via 37,000 downloadsSteve ZurierNovember 7, 2024Socket researchers say malicious package "Fabrice" has been live on PyPI since 2021.
