Browsing: Software Development Security

Researchers Show How Calendar Invites Can Be Weaponized in Google Gemini

Kirsten DoyleJanuary 23, 20264 Mins Read

Security researchers at Miggo, have disclosed a vulnerability in Google’s Gemini assistant that allowed a standard calendar invitation to be used as an…

Building Secure AI Systems: The Need For an AI Bill of Materials

Crystal MorinJanuary 21, 20266 Mins Read

Despite all the hype around AI, the majority of companies have not yet begun full-scale production deployment. According to McKinsey,…

Attackers Claim Sale of Target Internal Source Code After Developer Repositories Exposed

Kirsten DoyleJanuary 14, 20264 Mins Read

Attackers are claiming to be selling Target’s internal source code and developer documentation having published a sample of stolen repositories on Gitea, a public software…

What Shai-Hulud is Telling Us About The State of the Modern Software Supply Chain

Brad LaPorteNovember 5, 20254 Mins Read

A self-propagating malware campaign is actively compromising the NPM ecosystem, and while it’s undeniably dangerous, many experts believe it’s not…

Microsoft Teams Flaws Expose New Risks in Workplace Collaboration

Kirsten DoyleNovember 5, 20255 Mins Read

Trust has always been the glue of digital collaboration, but new research shows it can also be the weak link. …

Google’s Enhanced Chrome Autofill Raises Both Convenience and Security Questions

Kirsten DoyleNovember 5, 20256 Mins Read

Google is rolling out an enhanced autofill feature for Chrome designed to make filling out online forms faster and easier,…

Popular Tinycolor Package Trojanized in Widespread npm Supply-Chain Attack

Kirsten DoyleSeptember 17, 20257 Mins Read

A routine package update turned dangerous this week. A malicious release of Tinycolor (a library downloaded millions of times each…

Britain Drops Apple ‘Backdoor’ Demand After U.S. Pushback

Kirsten DoyleAugust 20, 20253 Mins Read

Britain has abandoned its demand that Apple build a “backdoor” into its encryption systems. The change follows months of quiet…

UK Businesses Hit by Wave of Breaches Caused by Insecure Code

Kirsten DoyleAugust 19, 20253 Mins Read

A new survey has revealed the extent to which poor coding practices are leaving UK businesses exposed. Two-thirds of senior…

Empowering Citizen Developers Without Compromising Security

Yair FinziAugust 13, 20254 Mins Read

Thanks to no-code tools, citizen application development platforms (CADPs) are ushering in a new era where business units are no…