AI coding and other modern development practices mean flawed code will continue to ship. Here are key recommendations for managing software risk.

As the development community chalks up the npm worm as just another bad day, bigger questions remain about the software supply chain ecosystem. 

While security defenders welcomed the new vulnerability-validation tool, others stress it can be just as useful for would-be attackers.

Here's what you need to know about the discovery of the first self-replicating npm worm, which compromised packages with cloud token-stealing malware.

Funding of the OSS ecosystem has reached a crisis as threat actors increasingly target weaknesses in infrastructure.

Purism makes premium phones, laptops, mini PCs and servers running free software on PureOS. Purism products respect people's privacy and freedom while protecting their security.

ReversingLabs’ Advanced Search is a powerful feature that can gather related samples for threat hunting in your environment. Here's how.

A malicious Model Context Protocol package was found in the wild last week. Here are lessons from the compromise of the AI interface tool.

Discover how Command Zero and ReversingLabs integrate to speed SOC investigations, cut false positives, and deliver high‑fidelity cyber intelligence.

Attack surface management (ASM) isn’t just another buzzword. It represents a fundamental shift in security strategy with risk on the rise.