Tag: CI/CD
-
Anthropic’s Project Glasswing: A Reality Check
Anthropic’s Project Glasswing has revealed a significant gap between vulnerability detection and remediation. Teams using Mythos must reassess their patch management processes and triage capabilities to effectively respond to the identified vulnerabilities. Read more
-
Navigating Vulnerability Disclosure in the Era of AI
AI is reshaping vulnerability discovery, exposing significant technical debt in software engineering. Organizations must adapt their remediation strategies and integrate AI tools into their security practices to manage the newly identified risks effectively. Read more
-
Packagist Supply Chain Attack Targets JavaScript and PHP Packages
A recent supply chain attack on Packagist has compromised eight packages by embedding malicious code in package.json files. This cross-ecosystem approach emphasizes the need for comprehensive dependency monitoring across both JavaScript and PHP ecosystems. Read more