%term

DevOps Threats Unwrapped: Mid-Year Report 2025

Aug 19, 2025 By Daria Kulikova In GitProtect

From minor hiccups to full-blown blackouts, the first half of 2025 made it clear that even the most trusted DevOps platforms are not immune to disruption. In this ecosystem, every commit, push, and deployment relies on complex systems that, despite their brilliance, are fragile. Like a Jenga tower of integrations, it takes just one wrong move – a misclicked setting, a leaked secret, an API failure – for the whole thing to wobble.

Read Post

GitProtect

Read more about DevOps Threats Unwrapped: Mid-Year Report 2025

What is Generative AI Security?

Aug 19, 2025 By Mend.io Team In Mend

From supporting customers through intelligent chatbots to auto-generating code, GenAI is revolutionizing enterprise operations. But as Spiderman coined, with great power comes great responsibility. This article will look at generative AI security, including trends and best practices to stay on top of.

Read Post

Mend

Read more about What is Generative AI Security?

Laravel APP_KEY Leaks Lead to RCE: GitGuardian + Synacktiv Reveal Massive Threat

Aug 19, 2025 By GitGuardian In GitGuardian

In this video, cybersecurity researcher Guillaume Valadon of GitGuardian breaks down how exposed Laravel APP_KEYs on GitHub can lead to full Remote Code Execution (RCE) in real-world applications. Working in collaboration with Synacktiv, the team uncovered 260,000 exposed keys, validated 600+ vulnerable apps, and revealed that over 35% of leaks also exposed critical credentials like database passwords, cloud storage tokens, and API keys.

View Video

GitGuardian

Read more about Laravel APP_KEY Leaks Lead to RCE: GitGuardian + Synacktiv Reveal Massive Threat

AI Chat Memory Manipulation

Aug 18, 2025 By Snyk In Snyk

AI chatbots are getting smarter – but what happens when you control what they remember? In this video, I’ll show you step-by-step how AI memory can be manipulated, how that changes the way it responds, and the hidden risks this creates for both users and developers.

View Video

Snyk

Read more about AI Chat Memory Manipulation

Security People Can be more Strict #cybersecurity #appsec

Aug 18, 2025 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about Security People Can be more Strict #cybersecurity #appsec

Snyk Found a Security Vulnerability in My Code

Aug 17, 2025 By Snyk In Snyk

Snyk Found a Security Vulnerability in My Code.

View Video

Snyk

Read more about Snyk Found a Security Vulnerability in My Code

Fixing Outdated Code from Claude Opus 4.1 & GitHub Copilot

Aug 16, 2025 By Snyk In Snyk

Fixing Outdated Code from Claude Opus 4.1 & GitHub Copilot.

View Video

Snyk

Read more about Fixing Outdated Code from Claude Opus 4.1 & GitHub Copilot

The Hallucinated Package Attack: Slopsquatting

Aug 15, 2025 By Mend.io Team In Mend

Imagine a world where, in the middle of programming, your helpful AI assistant tells you to import a package called securehashlib. It sounds real. It looks real. You trust your silicon co-pilot. You run pip install securehashlib. Congratulations. You’ve just opened a backdoor into your software stack—and possibly your company’s infrastructure. The package didn’t exist until yesterday, when an attacker registered it based on a hallucination the AI made last week.

Read Post

Mend

Read more about The Hallucinated Package Attack: Slopsquatting

The Rules Have Changed AI vs AI #aisecurity #ai

Aug 15, 2025 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about The Rules Have Changed AI vs AI #aisecurity #ai

The Two AI Licenses You Need to Know

Aug 14, 2025 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about The Two AI Licenses You Need to Know

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DevOps Threats Unwrapped: Mid-Year Report 2025

What is Generative AI Security?

Laravel APP_KEY Leaks Lead to RCE: GitGuardian + Synacktiv Reveal Massive Threat

AI Chat Memory Manipulation

Security People Can be more Strict #cybersecurity #appsec

Snyk Found a Security Vulnerability in My Code

Fixing Outdated Code from Claude Opus 4.1 & GitHub Copilot

The Hallucinated Package Attack: Slopsquatting

The Rules Have Changed AI vs AI #aisecurity #ai

The Two AI Licenses You Need to Know

Monthly Archive

Follow Us