In the fast-paced world of cybersecurity, where the threat landscape is continuously evolving, organizations face unprecedented challenges. An expanding attack surface, rising vulnerabilities, and a relentless onslaught of cyberattacks have significantly increased organizational risk.

Artificial intelligence (AI) has become integral to many industries, driving new innovation and opportunities for growth. At the same time, the rapid adoption of AI has created new risks for companies, ranging from ethical governance in accountability and fairness to reputation and trust — coupled with the increased cyber risk for organizations developing, deploying, and using AI systems.

Over the past few years, software supply chain security has been top of mind for governments and businesses alike. Following Log4Shell in late 2021, the Biden administration’s National Cybersecurity Strategy started focusing on open source supply chain security. The National Security Agency (NSA) recently released new guidance on securing open source software supply chains.

Visma selects Aikido security, entrusting them to deliver software security to their portfolio of 170+ companies. Securing software is vitally important to Visma, whose operations deliver software to dynamic SMEs, powerhouse corporations, and key public institutions worldwide. Together, Visma and Aikido are not just participating in the future of application security; they are creating it.

The US National Institute of Standards and Technology (NIST) has almost completely stopped analyzing new vulnerabilities (CVEs) listed in its National Vulnerability Database (NVD). Through the first six weeks of 2024, NIST analyzed over 3,500 CVEs with only 34 CVEs awaiting analysis.1 Since February 13th, however, nearly half (48%) of the 7,200 CVEs received this year by the NVD are still awaiting analysis.2 The number of CVEs analyzed has dropped nearly 80% to less than 750 CVEs analyzed.

Cato XDR breaks the mold: Now, one platform tackles both security threats and network issues for true SASE convergence.

In mid-March, UpGuard welcomed security professionals from APAC, EMEA, India, and the U.S. to participate in the first UpGuard Summit of 2024. This quarter’s event focused on third-party risk management (TPRM), specifically addressing how organizations can scale their TPRM programs to meet their evolving needs and defend their growing attack surfaces.

In the digital age, protecting customer data is a cornerstone of trust and reliability between a company and its consumers. As cyber threats loom larger and data breaches become more frequent, safeguarding sensitive information cannot be ignored. Companies that excel in data protection comply with stringent regulations and gain a competitive edge by building solid relationships with their customers.

Early on March 28, 2024, the Mend.io research team detected more than 100 malicious packages targeting the most popular machine learning (ML) libraries from the PyPi registry. Among those libraries are Pytorch, Matplotlib, and Selenium.