Cybersecurity researchers have uncovered a new set of malicious Python packages that target software developers under the guise of coding assessments.

Attackers have added aggressive social engineering to their arsenal, along with a novel Windows-manipulating persistence mechanism that demands developer vigilance.

Your organization runs on commercial software far more than it does open source.

To detect all kinds of software supply chain attacks, software-producing and consuming organizations need to have access to a collection of mature malware intelligence, in addition to complex binary analysis and reproducible builds.

President Biden’s call for the mainstreaming of Software Bill of Materials (SBOMs) is a major step forward.

GenAI is very much in the mix as a potent X-factor in cybersecurity.