Security risks within the IT infrastructure of global businesses are increasingly prevalent – and damaging. When swathes of data are separated in the hybrid or multi cloud, it can leave big open doorways for malware to walk right in. The message I want businesses to hear is that cloud and data are not separate. IT only exists to service the needs of a business’ data. Securing cloud services – and therefore your data – is a business-critical issue.

ChatGPT use is increasing exponentially in the enterprise, where users are submitting sensitive information to the chat bot, including proprietary source code, passwords and keys, intellectual property, and regulated data. In response, organizations have put controls in place to limit the use of ChatGPT. Financial services leads the pack, with nearly one in four organizations implementing controls around ChatGPT.

To develop practical solutions, it is crucial first to identify the primary threats that arise from the widespread use of ChatGPT. This article aims to analyze these emerging risks, discuss the necessary training and tools for cybersecurity professionals to respond effectively, and emphasize the importance of government oversight to prevent AI usage from undermining cybersecurity efforts. The emergence of ChatGPT brings both awe-inspiring possibilities and significant concerns regarding cybersecurity.

We are excited to announce the inaugural edition of the Mend.io Open-Source Reliability Leaderboard! Powered by data from Renovate, the wildly popular open-source dependency management tool, the Leaderboard presents the top packages in terms of reliability across three of the most widely used languages.

Cloud testing is the process of validating applications, services, and databases that are hosted on cloud platforms. It involves verifying configurations, scalability, workloads, security controls, etc., to ensure that they perform as expected under different conditions. Cloud testing also provides a platform for performance testing and load testing before and during production in order to monitor any changes made to the system.

Security teams use tools like Microsoft Sentinel to aggregate their security events, alert on threat detection, and most importantly, orchestrate threat responses through a variety of automated playbooks. By providing both Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) functionality, Sentinel enables teams to respond to threats quickly and efficiently.

Malicious npm packages and their dangers have been a frequent topic of discussion — whether it’s hundreds of command-and-control Cobalt Strike malware packages, typosquatting, or general malware published to the npm registry (including PyPI and others). To help developers and maintainers defend against these security risks, Snyk published a guide to npm security best practices.