April 18, 2024
OWASP is upgrading the SBOM standard for the quantum era, adding ML-readable attestation and more. Here's how it boosts software supply chain security.
April 11, 2024
There is no fool-proof method to identify phony developer accounts — but there are telltale signs. Threat researchers share three key indicators.
March 26, 2024
Espionage has long been a driver for malicious cyber campaigns. Here's what the RL research team knows about the suspicious SqzrFramework480 campaign.
March 21, 2024
Memory safety is one of the most stubborn and dangerous software weaknesses. Here are key insights and takeaways from a new Google report on the issue.
March 12, 2024
RL has discovered a campaign using malicious PyPI packages posing as open-source libraries to steal BIP39 mnemonic phrases used for crypto wallet recovery.
March 5, 2024
The National Institute of Standards and Technology has beefed up its guidelines for securing CI/CD environments. Are you ready to bulk up your program?