Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Highlighting real-world examples of civilian cyber engagement, from the Ransomware Hunting Team developing decryptors to organizational models like Cyber Peace Builders that connect volunteers with nonprofits needing cybersecurity assistance.

This week, we discuss a recent cascading supply chain attack involving multiple Github actions workflows that nearly succeeded in compromising a popular Coinbase application. Before that, we discuss a novel way to download malware onto an endpoint by abusing a web browser's caching feature. Additionally, we cover an FBI alert on file converter malware scams.

AI cyber threats + tax season = a dangerous combination.#IRS.

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

Imagine receiving an urgent email from your bank that looks perfectly legitimate. It warns you of a suspicious transaction and prompts you to verify your identity. You hesitate but click, and suddenly, your credentials are compromised. This scenario, crafted by AI-powered fraud-as-a-service, is happening now.

Cloud misconfigurations are among the top causes of breaches. Astra’s Cloud Vulnerability Scanner helps you identify and fix security gaps in AWS, GCP, and Azure environments. Key capabilities: Enable continuous pentest as scale with Astra.

Stay compliant effortlessly with Astra. 60% of Astra customers rely on Astra to achieve SOC 2, ISO 27001, HIPAA, and more. How Astra supports compliance: Enable continuous pentest as scale with Astra.

Astra has helped businesses across fintech, SaaS, healthcare, and e-commerce strengthen their security. Key results: Enable continuous pentest as scale with Astra.

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.