Shifting Security Left with the Cycode CLI

Security doesn’t begin with developers, but they are often affected by security. In my career as a developer, I would say I spent roughly a week per quarter performing tasks to fulfill …

The Scariest Things About SCA

It is a time of ghouls, mischievous spirits, and David S. Pumpkins. In the spirit of Halloween, here are the top five scariest limitations of software composition analysis (SCA) tools that are enough to send shivers down your spine. Read on … if you dare!

1. SCA Scans Only Your Application Code

SCA’s scope is frightfully narrow. …

Security Advisory: Text4Shell Attack

Security Advisory: IconBurst Attack

The IconBurst attack is a software supply chain attack designed to grab data from apps and websites. This attack campaign seeks to install malicious NPM modules that harvest sensitive data from forms embedded in mobile applications and websites…