Several months ago, Darcy Clarke, a former Staff Engineering Manager at GitHub, discovered the “Manifest Confusion” bug in the npm ecosystem. The bug was caused by the npm registry not validating whether the manifest file contained in the tarball (package.json) matches the manifest data published to the npm server. Clarke claims this to be a large threat, allowing malicious actors to deceive developers and hide harmful code from detection.

This year’s Fierce TMF Summit took place in sunny Savannah Georgia, a city known for its ghosts. But the estimated 200 plus attendees of this year’s Summit aren’t afraid of your average ghosts and ghouls: instead, we shudder at tales of inspection findings, unruly document contributors, and other challenges in TMF management.

When one looks at the marketplace of governance, risk management, and compliance (GRC) software platforms, it’s clear that OneTrust has established itself as a key player in the field — and also that the quest for the right GRC solution is a nuanced exercise, depending on your organization’s specific needs and preferences.

So, you’ve done your homework. You’ve clearly defined business requirements, and you think you want to implement a Security Information and Event Management (SIEM) solution into your organization. Cloud migration and remote work have changed the way threat actors attack, and it feels like every day you read about a new methodology. While a lot of companies added a SIEM to their cybersecurity technology stack, you’re not sure whether you can afford one.

With $109.5 billion of growth expected between now and 2030, the global AI cybersecurity market is booming – and it's not hard to see why. According to a recent survey of security professionals, three-quarters (75%) have observed an increase in cyberattacks. Of these, the research found that an even greater proportion (an overwhelming 85%) blamed AI.

One issue that is raised frequently is the way in which security or IT teams struggle to speak the “business language” to members of the senior leadership that take the final decisions on spending and investment.

Browser security is a set of measures and processes intended to protect users and their data when using web browsers. This includes mechanisms to prevent unauthorized access, safeguard against malicious software and other browser security threats, and ways to protect the privacy of online activities.

Cyber attacks at government organizations are prevalent in 2024, as the government continues to be one of the most targeted sectors. Research by IT Governance has found that in January alone there have been 183 incidents in the public sector, including both ransomware attacks and data breaches. Cybercriminals target government agencies because they store valuable personal data and perform critical functions and services.

In today’s rapidly evolving digital and cyber landscape, securing and delivering applications efficiently is crucial for businesses of all sizes. The pursuit of uninterrupted service is no longer the only focus. Security concerns have taken center stage, transforming the landscape into a battleground where the slightest disruption triggers a search for root causes and solutions. When websites falter, application owners navigate a maze of possibilities.

Email makes modern communications work. We use email for keeping in touch with friends and family, organizing business activities, and tracking a variety of other needs. But how does email actually work and why do you get so many spam emails? That all comes down to email messaging protocols.