Collaborate Disseminate
The growing sophistication of software supply chain attacks is driven by widespread flaws in open-source and third-party commercial software, along with malicious campaigns that specifically target AI and cryptocurrency development pipelines, according… Continue reading Hackers target AI and crypto as software supply chain risks grow
Researchers have spotted two machine learning (ML) models containing malicious code on Hugging Face Hub, the popular online repository for datasets and pre-trained models. Once one of them is downloaded and executed on the developer’s machine, th… Continue reading Malicious ML models found on Hugging Face Hub
A widely used python module for machine-learning developers can be loaded with malware and bypass detection measures.
The post Hugging Face platform continues to be plagued by vulnerable ‘pickles’ appeared first on CyberScoop.
Continue reading Hugging Face platform continues to be plagued by vulnerable ‘pickles’
The National Institute of Standards and Technology (NIST) has updated its widely utilized Cybersecurity Framework (CSF), a key document for mitigating cybersecurity risks. The latest version, 2.0, is tailored to cater to a broad range of audiences, spa… Continue reading NIST CSF 2.0 released, to help all organizations, not just those in critical infrastructure
ReversingLabs identified close to 11,200 unique malicious packages across three major open-source software platforms in 2023: npm, PyPI, and RubyGems. These findings mark an astounding 1,300% increase in malicious packages from 2020 and an increase of … Continue reading Software supply chain attacks are getting easier
DigiCert has partnered with ReversingLabs to enhance software security by combining advanced binary analysis and threat detection from ReversingLabs with DigiCert’s enterprise-grade secure code signing solution. DigiCert customers will benefit fr… Continue reading DigiCert and ReversingLabs partner to advance software supply chain security
Here’s a look at the most interesting products from the past month, featuring releases from: 1Password, Appdome, Atakama, BreachLock, Elevate Security, Fastly, Forescout, ForgeRock, GrammaTech, HackNotice, Hornetsecurity, HYPR, Kensington, LOKKER, Mana… Continue reading Infosec products of the month: March 2023
Here’s a look at the most interesting products from the past week, featuring releases from Atakama, Elevate Security, Hornetsecurity, HYPR, and ReversingLabs. Hornetsecurity VM Backup V9 protects users against ransomware threats VM Backup V9 has an eas… Continue reading New infosec products of the week: March 17, 2023
ReversingLabs has unveiled new secrets detection features within its Software Supply Chain Security (SSCS) platform. ReversingLabs improves secrets detection coverage by providing teams with the context and transparency needed to prioritize developers&… Continue reading ReversingLabs adds secrets detection capabilities to SSCS platform
Here’s a photo gallery that provides a look inside Black Hat USA 2022. For our complete coverage of the conference, live from Las Vegas, check out our microsite. Bayside Ballroom Foyer Sophos BlackBerry, Palo Alto Networks, AT&T Cybersecurit… Continue reading Photos: Black Hat USA 2022