Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Launching Aikido Malware - Open Source Threat Feed

Our Aikido Intel team has been identifying undisclosed open-source vulnerabilities using LLM-driven analysis and human verification. Now, we’re expanding our supply chain security research to detect and track malware in open-source packages, cheaper, better, & faster than what exists today.

Malware hiding in plain sight: Spying on North Korean Hackers

On March 13th, 2025, our malware analysis engine alerted us to a potentially malicious package that was added to NPM. First indications suggested this would be a clear-cut case; however, when we started peeling back the layers, things weren’t quite as they seemed. Here is a story about how sophisticated nation-state actors can hide malware within packages.

CVE-2017-12637: Exploitation of SAP NetWeaver Directory Traversal Vulnerability

On March 19, 2025, CISA issued a warning about the active exploitation of CVE-2017-12637, a directory traversal vulnerability in SAP NetWeaver AS Java. This vulnerability, originally patched in 2017, has resurfaced due to incomplete mitigations, leading to increased risks for organizations using outdated or misconfigured SAP environments.

Federal Desktop Core Configuration (FDCC/USGCB) Compliance

Federal Desktop Core Configuration (FDCC) was mandated by the US Office of Management and Budget (OMB) in 2007 and provides a set of security standards that must be adhered to by all federal workstations and laptops running Windows XP or Vista. FDCC evolved into the United States Government Configuration Baseline (USGCB) starting in 2010, although some agencies and contracts may still be under lingering FDCC compliance obligations.

Unsolved Challenge: Why API Access Control Vulnerabilities Remain a Major Security Risk

Despite advancements in API security, access control vulnerabilities, such as broken object-level authorization (BOLA) and broken function-level authorization (BFLA), remain almost impossible to detect. This blog will explore why these vulnerabilities are so difficult to detect, the limitations of current security tools, and the implications for businesses relying on API-driven applications. It will also discuss potential approaches for improving API security posture.

Email Penetration Testing: Defence Against Phishing Attacks

Email continues to be the main attack vector for cybercriminals, a fact driven not only by it being the most widely used communication tool in business, but also by the evolving sophistication of cyber threats. Despite advancements in cybersecurity, attackers continue to exploit human vulnerabilities to bypass technical defences.

Outsourced Software Development Company vs. an In-House Team

Whether designing a digital product or an internal system for your business, one question remains crucial: "Should I outsource to a software development company or hire experts in-house?" Truth be told, both options have their pros and cons, but even those aren't fixed. Sometimes, outsourcing is cheaper (e.g., if it's a one-off product); at other times, it generates extra costs. So, while we can't tell you which option is better for you, we can show you the upsides and downsides of both strategies. Read on to find out more!

Everything You Need to Know About Custom TMS for Supply Chain Planning

A custom transportation management system (TMS) is a software solution designed specifically to meet the unique logistics, transportation, and supply chain needs of a business. Unlike generic TMS platforms, custom supply chain software is built from the ground up or heavily modified to align with specific operational requirements. Custom solution offers.

How Athletes Use Peptides to Speed Up Healing and Return to Sports

Since peptides could aid in recuperation and encourage healing, athletes have been fairly fascinated with them. Naturally produced in the body, these short chains of amino acids are essential for many different biological activities, including tissue mending and inflammation control. For their capacity to hasten healing from injuries, enhance joint health, and support muscle regeneration, athletes and fitness enthusiasts are looking more and more at peptide-based therapies.