News

BellSoft survey finds 48% prefer pre‑hardened images over managing vulnerabilities themselves

Java developers still struggle to secure containers, with nearly half (48 percent) saying they'd rather delegate security to providers of hardened containers than worry about making their own container security decisions.…

The call is coming from inside the house

opinion  Maybe everything is all about timing, like the time (this week) America's lead cyber-defense agency sounded the alarm on insider threats after it came to light that its senior official uploaded sensitive documents to ChatGPT.…

The Chocolate Factory strikes again, targeting the infrastructure attackers use to stay anonymous

Crims love to make it look like their traffic is actually coming from legit homes and businesses, and they do so by using residential proxy networks. Now, Google says it has "significantly degraded" what it believes is one of the world's largest residential proxy networks.…

eScan lawyers up after Morphisec claimed 'critical supply-chain compromise'

A spat has erupted between antivirus vendor eScan and threat intelligence outfit Morphisec over who spotted an update server incident that disrupted some eScan customers earlier this month.…

The right habits change everything

Sponsored Post  Security teams are under pressure from every direction: supply chain threats are rising, regulatory expectations are tightening, and development cycles aren’t getting any slower. Yet for many organizations, the practical work of improving software security still comes down to the same challenge — how do you reduce exposure without constantly battling developers, delaying releases, or piling on process?

That’s where a more consistent set of habits can make a measurable difference.
Rather than treating software supply chain security as a one-off initiative, many teams are shifting toward repeatable practices they can build into everyday workflows. The goal isn’t perfection; it’s improving baseline security in ways that actually stick, across teams and tool chains.

Chainguard is hosting an upcoming webinar-style event designed to help security and engineering leaders identify the habits that matter most. The session explores seven practical approaches for building more secure software pipelines, with a focus on reducing risk while keeping delivery moving.…

Extortion crew says it's found love in someone else's info as Match Group plays down the impact

ShinyHunters has added a fresh notch to its breach belt, claiming it has pinched more than 10 million records from Match Group, a US firm that owns some of the world's most widely used swipe-based dating platforms.…

Apply fixes within a few hours or face the music, say the pros

What good is a fix if you don't use it? Experts are urging security teams to patch promptly as vulnerability exploits now account for the majority of intrusions, according to the latest figures.…