How to Reduce Code Risk Using Pipelineless Security
The exposure and exploitation of hardcoded secrets continues to drive software supply chain attacks. One solution: zero new hardcoded secrets.
Microsoft is bringing “Paste as plain text” to Windows apps with PowerToys
Microsoft's open-source PowerToys tool is a great way to customize your Windows experience. It comes with options to optimize app windows…
Canadian Telecom Firm Telus Reportedly Investigating Breach
A threat actor has leaked data — purportedly, samples of Telus employee payroll data and source code — on a…
TELUS investigating leak of stolen source code, employee data
Canada's second-largest telecom, TELUS is investigating a potential data breach after a threat actor shared samples online of what appears to…
Microsoft urges Exchange admins to remove some antivirus exclusions
Microsoft says some antivirus exclusions previously recommended for Exchange servers should be removed to boost their security. [...]
Wiper Malware Surges Ahead, Spiking 53% in 3 Months
Cybercriminals and hacktivists have joined state-backed actors in using sabotage-bent malware in destructive attacks, new report shows.
Exploit released for critical Fortinet RCE flaws, patch now
Security researchers have released a proof-of-concept exploit for a critical-severity vulnerability (CVE-2022-39952) in Fortinet's FortiNAC network access control suite. [...]
Is OWASP at Risk of Irrelevance?
A growing group of OWASP members and board leaders are calling for the AppSec group to make big changes to…
GitHub Copilot update stops AI model from revealing secrets
GitHub has updated the AI model of Copilot, a programming assistant that generates real-time source code and function recommendations in…
Microsoft WinGet package manager failing from expired SSL certificate
Microsoft's WinGet package manager is currently having problems installing or upgrading packages after WinGet CDN's SSL/TLS certificate expired. [...]