%term

AI Agents Vulnerabilities and Prompt #cybersecurity #aisecurity

Aug 20, 2025 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about AI Agents Vulnerabilities and Prompt #cybersecurity #aisecurity

What is an AI Bill of Materials (AI BOM)?

Aug 20, 2025 By Mend.io Team In Mend

What’s happening under the hood of your AI systems? AI is now a crucial element of modern software applications, and if you don’t have visibility into its components, you’ll be left blind. Similar to a Software Bill of Materials (SBOM), an AI Bill of Materials, AI BOM, or AIBOM has become a crucial framework for documenting and securing this new and complex supply chain. This article is part of a series of articles on Shadow AI.

Read Post

Mend

Read more about What is an AI Bill of Materials (AI BOM)?

Shift Left AI Security #coding #cybersecurity

Aug 19, 2025 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about Shift Left AI Security #coding #cybersecurity

DevOps Threats Unwrapped: Mid-Year Report 2025

Aug 19, 2025 By Daria Kulikova In GitProtect

From minor hiccups to full-blown blackouts, the first half of 2025 made it clear that even the most trusted DevOps platforms are not immune to disruption. In this ecosystem, every commit, push, and deployment relies on complex systems that, despite their brilliance, are fragile. Like a Jenga tower of integrations, it takes just one wrong move – a misclicked setting, a leaked secret, an API failure – for the whole thing to wobble.

Read Post

GitProtect

Read more about DevOps Threats Unwrapped: Mid-Year Report 2025

What is Generative AI Security?

Aug 19, 2025 By Mend.io Team In Mend

From supporting customers through intelligent chatbots to auto-generating code, GenAI is revolutionizing enterprise operations. But as Spiderman coined, with great power comes great responsibility. This article will look at generative AI security, including trends and best practices to stay on top of.

Read Post

Mend

Read more about What is Generative AI Security?

Laravel APP_KEY Leaks Lead to RCE: GitGuardian + Synacktiv Reveal Massive Threat

Aug 19, 2025 By GitGuardian In GitGuardian

In this video, cybersecurity researcher Guillaume Valadon of GitGuardian breaks down how exposed Laravel APP_KEYs on GitHub can lead to full Remote Code Execution (RCE) in real-world applications. Working in collaboration with Synacktiv, the team uncovered 260,000 exposed keys, validated 600+ vulnerable apps, and revealed that over 35% of leaks also exposed critical credentials like database passwords, cloud storage tokens, and API keys.

View Video

GitGuardian

Read more about Laravel APP_KEY Leaks Lead to RCE: GitGuardian + Synacktiv Reveal Massive Threat

Security People Can be more Strict #cybersecurity #appsec

Aug 18, 2025 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about Security People Can be more Strict #cybersecurity #appsec

AI Chat Memory Manipulation

Aug 18, 2025 By Snyk In Snyk

AI chatbots are getting smarter – but what happens when you control what they remember? In this video, I’ll show you step-by-step how AI memory can be manipulated, how that changes the way it responds, and the hidden risks this creates for both users and developers.

View Video