Latest Developer Hacking & Security News | Developer News https://www.developer-tech.com/categories/developer-hacking-security/ Gaming, Apps, HTML5, Java, PHP, C#, .net, IOT Tue, 02 Apr 2024 15:36:13 +0000 en-GB hourly 1 https://www.developer-tech.com/wp-content/uploads/sites/3/2020/09/dev-icon-60x60.png Latest Developer Hacking & Security News | Developer News https://www.developer-tech.com/categories/developer-hacking-security/ 32 32 Bitwarden strengthens passwordless authentication with magic links API https://www.developer-tech.com/news/2024/apr/02/bitwarden-passwordless-authentication-magic-links-api/ https://www.developer-tech.com/news/2024/apr/02/bitwarden-passwordless-authentication-magic-links-api/#respond Tue, 02 Apr 2024 15:36:11 +0000 https://www.developer-tech.com/?p=45842 Credential management firm Bitwarden has announced an enhancement to its Passwordless.dev platform with the release of a magic links API. Bitwarden’s latest offering empowers developers to seamlessly integrate passwordless authentication into their applications, providing a more secure and user-friendly experience for end-users. The magic links API enables developers to send unique one-time-use links via email,... Read more »

The post Bitwarden strengthens passwordless authentication with magic links API appeared first on Developer Tech News.

]]>
https://www.developer-tech.com/news/2024/apr/02/bitwarden-passwordless-authentication-magic-links-api/feed/ 0
PyPI suspends registrations amid malware attack https://www.developer-tech.com/news/2024/mar/28/pypi-suspends-registrations-amid-malware-attack/ https://www.developer-tech.com/news/2024/mar/28/pypi-suspends-registrations-amid-malware-attack/#respond Thu, 28 Mar 2024 12:52:52 +0000 https://www.developer-tech.com/?p=45836 The Python Package Index (PyPI) has suspended new project creation and user registration to mitigate an ongoing malware upload campaign. This move comes as security researchers at Checkmarx uncovered a campaign involving multiple malicious packages related to the same threat actors. The attackers are targeting victims through typosquatting attacks, tricking users into installing malicious Python... Read more »

The post PyPI suspends registrations amid malware attack appeared first on Developer Tech News.

]]>
https://www.developer-tech.com/news/2024/mar/28/pypi-suspends-registrations-amid-malware-attack/feed/ 0
GitHub’s code scanning autofix enters public beta https://www.developer-tech.com/news/2024/mar/20/github-code-scanning-autofix-public-beta/ https://www.developer-tech.com/news/2024/mar/20/github-code-scanning-autofix-public-beta/#respond Wed, 20 Mar 2024 16:58:27 +0000 https://www.developer-tech.com/?p=45800 GitHub has announced that its code scanning autofix feature, powered by GitHub Copilot and CodeQL, is now available in public beta for all GitHub Advanced Security customers. The autofix tool aims to remediate over two-thirds of vulnerabilities found during code scanning with minimal editing required by developers. “Our vision for application security is an environment... Read more »

The post GitHub’s code scanning autofix enters public beta appeared first on Developer Tech News.

]]>
https://www.developer-tech.com/news/2024/mar/20/github-code-scanning-autofix-public-beta/feed/ 0
NVIDIA employs GenAI for rapid software vulnerability detection https://www.developer-tech.com/news/2024/mar/19/nvidia-genai-rapid-software-vulnerability-detection/ https://www.developer-tech.com/news/2024/mar/19/nvidia-genai-rapid-software-vulnerability-detection/#respond Tue, 19 Mar 2024 12:02:57 +0000 https://www.developer-tech.com/?p=45780 NVIDIA has demonstrated how its generative AI technologies can help to quickly identify and mitigate common vulnerabilities and exposures (CVEs) and other software security risks. The NVIDIA NIM and NeMo Retriever microservices – along with the Morpheus accelerated AI framework – enable security analysts to detect and mitigate risks in a matter of seconds, a... Read more »

The post NVIDIA employs GenAI for rapid software vulnerability detection appeared first on Developer Tech News.

]]>
https://www.developer-tech.com/news/2024/mar/19/nvidia-genai-rapid-software-vulnerability-detection/feed/ 0
Google paid $10M to bug hunters in 2023 https://www.developer-tech.com/news/2024/mar/13/google-paid-10m-bug-hunters-in-2023/ https://www.developer-tech.com/news/2024/mar/13/google-paid-10m-bug-hunters-in-2023/#respond Wed, 13 Mar 2024 15:21:29 +0000 https://www.developer-tech.com/?p=45742 Google has revealed that it paid out $10 million to over 600 bug hunters from 68 countries in 2023. Throughout the year, Google’s bug hunter community played a pivotal role in identifying and addressing thousands of vulnerabilities across various Google platforms. The company’s dedication to incentivising researchers saw the introduction of several new programs and... Read more »

The post Google paid $10M to bug hunters in 2023 appeared first on Developer Tech News.

]]>
https://www.developer-tech.com/news/2024/mar/13/google-paid-10m-bug-hunters-in-2023/feed/ 0
GitHub enables secret scanning push protection by default https://www.developer-tech.com/news/2024/mar/01/github-enables-secret-scanning-push-protection-default/ https://www.developer-tech.com/news/2024/mar/01/github-enables-secret-scanning-push-protection-default/#respond Fri, 01 Mar 2024 16:50:27 +0000 https://www.developer-tech.com/?p=45701 In response to the alarming trend of API keys, tokens, and other confidential data being inadvertently exposed, GitHub has taken further steps to fortify its platform against potential breaches. Within the first two months of 2024, GitHub has uncovered one million leaked secrets across public repositories, averaging over a dozen incidents per minute. Such alarming... Read more »

The post GitHub enables secret scanning push protection by default appeared first on Developer Tech News.

]]>
https://www.developer-tech.com/news/2024/mar/01/github-enables-secret-scanning-push-protection-default/feed/ 0
GitHub suffers from over 100K infected repos https://www.developer-tech.com/news/2024/feb/29/github-suffers-over-100k-infected-repos/ https://www.developer-tech.com/news/2024/feb/29/github-suffers-over-100k-infected-repos/#respond Thu, 29 Feb 2024 12:01:58 +0000 https://www.developer-tech.com/?p=45693 Developers face a major security threat as over 100,000 repositories on GitHub are infected with malicious code. This resurgence of a malicious repo confusion campaign – detected by Apiiro’s security researchers – has impacted countless developers who unwittingly use repositories they believe to be trusted but are, in fact, compromised. Similar to dependency confusion attacks... Read more »

The post GitHub suffers from over 100K infected repos appeared first on Developer Tech News.

]]>
https://www.developer-tech.com/news/2024/feb/29/github-suffers-over-100k-infected-repos/feed/ 0
White House urges adoption of memory-safe programming languages https://www.developer-tech.com/news/2024/feb/27/white-house-urges-adoption-memory-safe-programming-languages/ https://www.developer-tech.com/news/2024/feb/27/white-house-urges-adoption-memory-safe-programming-languages/#respond Tue, 27 Feb 2024 12:14:22 +0000 https://www.developer-tech.com/?p=45684 The White House Office of the National Cyber Director (ONCD) has released a new report today urging the technology industry to take steps to reduce vulnerabilities in software that leave digital systems open to cyberattacks. The report, titled “Back to the Building Blocks: A Path Toward Secure and Measurable Software,” emphasises the importance of technology... Read more »

The post White House urges adoption of memory-safe programming languages appeared first on Developer Tech News.

]]>
https://www.developer-tech.com/news/2024/feb/27/white-house-urges-adoption-memory-safe-programming-languages/feed/ 0
Python packages caught using DLL sideloading to bypass security https://www.developer-tech.com/news/2024/feb/21/python-packages-dll-sideloading-bypass-security/ https://www.developer-tech.com/news/2024/feb/21/python-packages-dll-sideloading-bypass-security/#respond Wed, 21 Feb 2024 11:55:04 +0000 https://www.developer-tech.com/?p=45680 ReversingLabs researchers have uncovered Python packages using DLL sideloading to bypass security tools. On 10 January 2024, Karlo Zanki, a reverse engineer at ReversingLabs, stumbled upon two suspicious packages on the Python Package Index (PyPI). These packages – named NP6HelperHttptest and NP6HelperHttper – were found to be utilising DLL sideloading, a known technique used by... Read more »

The post Python packages caught using DLL sideloading to bypass security appeared first on Developer Tech News.

]]>
https://www.developer-tech.com/news/2024/feb/21/python-packages-dll-sideloading-bypass-security/feed/ 0
OpenText unveils next-gen cybersecurity auditing technology https://www.developer-tech.com/news/2024/feb/06/opentext-unveils-next-gen-cybersecurity-auditing-technology/ https://www.developer-tech.com/news/2024/feb/06/opentext-unveils-next-gen-cybersecurity-auditing-technology/#respond Tue, 06 Feb 2024 09:15:09 +0000 https://www.developer-tech.com/?p=45593 OpenText has unveiled the second generation of its advanced cybersecurity auditing technology called Fortify Audit Assistant—aiming to help developers build more secure software amid rising threats and complexity in multi-cloud environments. The key upgrade is the use of predictive analytics and machine learning to emulate human security auditors. By learning from 10 years of human... Read more »

The post OpenText unveils next-gen cybersecurity auditing technology appeared first on Developer Tech News.

]]>
https://www.developer-tech.com/news/2024/feb/06/opentext-unveils-next-gen-cybersecurity-auditing-technology/feed/ 0