Maintainers of ESLint Prettier Plugin Attacked via npm Supply Chain Malware
Starting on July 19th, 2025, an npm supply chain security incident has been attacking maintainers of popular open-source npm packages on the npm registry.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
AI Maturity Curve: Where Most Security Teams Actually Are
Real maturity doesn’t come until AI is integrated into the operational fabric.
Engineers Speak: Veracode Static Application Security Testing (SAST) and Software Composition Analysis (SCA) Recognized as a Platinum Vendor
We’re thrilled to share some exciting news that truly validates our mission to secure the world’s software: Veracode has been recognized as a leading vendor in both Static Analysis (SAST) and Software Composition Analysis (SCA) in the June 2025 VDC Research Vendor Impact Awards! What makes this recognition even more significant is that these awards are based on aggregated ratings from VDC Research’s global “Voice of the Engineer” survey.
Trustwave Enhances its OT Security Services Portfolio
Recognizing the need to better protect organizations that rely on operational technology (OT), Trustwave is advancing its OT security services portfolio. Trustwave now delivers end-to-end visibility and threat response across IT and OT environments, enabling better detection, investigation capabilities, and response to threats targeting critical infrastructure by being integrated Trustwave’s Co-Managed SOC and penetration testing services.
Fast Releases. Slower Security? #APIs #DevOps #ContinuousDelivery
Modern dev cycles move fast—but if security can’t keep up, APIs become entry points for attackers.
The Most Common Types of Cyber Attacks
The most common types of cyber attacks include phishing, password attacks, malware and spoofing, among others. Watch this video to learn about the top 10 most common types of cyber attacks and how you and your organization can stay protected.
What Is a Password Vault and How Does It Work?
Are you struggling to keep track of your passwords? A password vault like Keeper is the ultimate solution. Watch this video to learn how a password vault works, the benefits of using one and why Keeper is the best choice to secure your login credentials.
Seemplicity Feature Release Announcement - July 2025
We’re excited to announce a major Seemplicity release packed with new AI-driven features that help you fix faster, prioritize better, and streamline remediation at scale. This release introduces breakthrough capabilities that reduce noise, provide clarity, and eliminate bottlenecks between identifying risks and resolving them.
Cloudflare protects against critical SharePoint vulnerability, CVE-2025-53770
On July 19, 2025, Microsoft disclosed CVE-2025-53770, a critical zero-day Remote Code Execution (RCE) vulnerability. Assigned a CVSS 3.1 base score of 9.8 (Critical), the vulnerability affects SharePoint Server 2016, 2019, and the Subscription Edition, along with unsupported 2010 and 2013 versions. Cloudflare’s WAF Managed Rules now includes 2 emergency releases that mitigate these vulnerabilities for WAF customers.
ToolShell Threat Brief: SharePoint RCE Vulnerabilities (CVE-2025-53770 & 53771) Explained
A serious new vulnerability (CVE-2025-53770, also known as “ToolShell”) is actively being exploited by cybercriminals to hack into on-premises Microsoft SharePoint Servers. The vulnerability, along with CVE-2025-53771 was discovered around July 18, 2025. Bitsight Research classifies CVE-2025-53770 as 10 out of 10 on our Dynamic Vulnerability Exploit (DVE) scale and CVE-2025-53771 as a 5.82 out of 10 indicating severe and moderate urgency respectively.