Communications of the ACM

Fifty Years of Open Source Software Supply-Chain Security

An open source software supply-chain vulnerability is an exploitable weakness in trusted software caused by a third-party, ...
Infosecurity-magazine.com

Malicious VS Code Extensions Exploit Name Reuse Loophole

A new campaign involving malicious Visual Studio Code (VS Code) extensions has exposed a loophole in the VS Code Marketplace that allows threat actors to reuse names of previously removed packages.
Nextgov

Is artificial intelligence a friend, foe or frenemy? NIST wants to find out

Get the latest federal technology news delivered to your inbox. Artificial intelligence is fast becoming cybersecurity’s ultimate double agent. The same tools that help defenders spot anomalies, ...
CIO

Ransomware ain’t what it used to be

The latest research into cybercrime and those behind it illustrates why businesses must quickly adapt to the rising tide of high-stakes cyber extortion. Cyber threats evolve as technologies and ...
CoinTelegraph

Hide your crypto: Infamous ‘try my game’ Discord scam on the rise

An X user known as Princess Hypio said they lost $170,000 in crypto and NFTs to a scammer who infiltrated a Discord server and pretended to have mutual friends. Update Sept.1, 11:30 pm UTC: This ...
AFP

AI-Generated Code Poses Major Security Risks in Nearly Half of All Development Tasks, Veracode Research Reveals

Veracode, a global leader in application risk management, today unveiled its 2025 GenAI Code Security Report, revealing critical security flaws in AI-generated code. The study analyzed 80 curated ...