SecurityWeek

From Open Source to OpenAI: The Evolution of Third-Party Risk

Software supply chain attacks are evolving as open source and AI-generated code introduce new third-party risks. Learn how ...
Developer Tech

Log4j downloads shows supply chain wake-up call ignored

Ongoing vulnerable Log4j downloads suggest the supply chain crisis wasn't the wake-up call it should have been.
InfoWorld

React2Shell is the Log4j moment for front end development

Attackers are exploiting a Flight protocol validation failure that allows them to execute arbitrary code without ...
InfoQ

BellSoft Unveils Hardened Java Images

BellSoft has launched Hardened Images for Java containers, claiming 95% fewer CVEs and 30% resource savings. Built on ...