Prevent your chatbot from accidentally leaking user data! #cybersecurity

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

Secure and Scalable Kubernetes for Multi-Cluster Management

This story is becoming more and more common in the Kubernetes world. What starts as a manageable cluster or two can quickly balloon into a sprawling, multi-cluster architecture spanning public clouds, private data centers, or a bit of both. And with that growth comes a whole new set of headaches. How do you keep tabs on compliance across wildly different configurations? When a service goes down across multiple clusters, how do you pinpoint the cause amidst the chaos?

Stablecoins Go Mainstream in Asia's Payment Ecosystem

Asia is leading the world in real-world stablecoin adoption. According to our 2025 State of Stablecoins report, 56% of institutions in the region are already live—the highest adoption rate globally. Another 40% are either piloting or planning implementation, making stablecoins a foundational layer of Asia’s evolving payments infrastructure. Across markets like Singapore, Seoul, Tokyo, and Hong Kong, institutions are moving quickly—not just to explore stablecoins, but to scale them.

Phone Cloning: How Hackers Copy Your Phone and How You Can Protect Yourself

Cell phone cloning was first recorded in the 1990s when analog phone networks were common. During this period, malicious actors exploited vulnerabilities in the analog system to clone phones and access services while avoiding any charges. However, with technological advancements, phone cloning techniques have also adapted and become more sinister. Fraudsters now exploit vulnerabilities in mobile device software and security systems, enabling them to clone a phone remotely without needing physical access.

Navigate mergers and acquisitions with CASM

Executive leadership teams aren’t the only ones keenly aware that a merger or acquisition marks a vulnerable period. Attackers understand that times of change open fresh opportunities—not just to exploit transitional challenges in ERP systems or payroll but to actively capitalise on new financial realities – from manipulating stock prices via reputation damage to zeroing in on a target’s hypothetically more lucrative ransomware payout.

Navigating Cyber Threats in the Retail Sector

The UK retail sector currently stands at a crossroads where cyber security is not just a regulatory or operational obligation, but a cornerstone for success. As cyber threats continue to rise, understanding the impact of these threats and how they infiltrate the retail supply chain is vital for operational continuity.

How to Keep Major Worldwide Sporting Events on Secure Ground Using Threat Intelligence Reporting

As we look at the sporting calendar for 2025 with the UEFA Women’s European Championship in Switzerland and the Tour de France in July, as well as the 2025 Women's Rugby World Cup in the UK starting in August, armchair sportspeople and in-person spectators are spoilt for choice. But aside from the marvel of watching athletes compete to achieve their dreams, the organization (and security) of such events requires meticulous planning, particularly as dates are fixed and immovable.

WatchGuard Earns 2025 Top Rated Awards From TrustRadius

We’re proud to announce that WatchGuard has earned eight 2025 Top Rated Awards from TrustRadius, a trusted platform where real users share honest feedback. These awards highlight the exceptional value our customers experience across security categories, directly reflecting their reviews and satisfaction.

Top Devsecops Tools in 2025

DevSecOps isn’t just a buzzword in 2025 – it’s how modern teams build software without leaving security behind. About 61% of DevOps teams have now adopted DevSecOps practices, meaning automated security checks are embedded throughout development. And for good reason: cyber threats are evolving, from surging open-source supply chain attacks (over 10,000 malicious packages were found in one quarter) to misconfigurations that attackers exploit in cloud infrastructure.

CISSP Exam Changes 2024

On April 15th of 2024, ISC² implemented a refreshed set of objectives for the CISSP exam. The goal of refreshing the exam objectives is to keep the exam relevant to the latest happenings in security. As things progress and new technologies are introduced, the objectives are updated to account for them as well as for the latest standards and processes. In this blog, we’ll look at the changes and explore some of the key things to be aware of as you prepare for the refreshed exam in 2025.