Seventy-four percent of codebases had high-risk open source vulnerabilities last year, a significant increase over the 48% of codebases with exploited flaws, proof-of-concept exploits, and remote code execution issues in 2022.
As the number of organizations depending on third parties has grown, so has the amount of third-party risk. Paul Wagenseil provides a snapshot of the state of third-party risk and how your organization can reduce and manage its exposure, with special emphasis on access management, internal segmentation, due diligence, certifications, compliance an...
Third-party risk may be unavoidable, but it is manageable. Here’s a 15-point checklist to help minimize the risks you run from working with vendors, services and suppliers.
A GitHub Actions workflow could have been used to exploit a command injection vulnerability in Bazel, potentially allowing threat actors to add malicious code into the production environment of projects using the Google open-source product.
Numerous cybersecurity researchers have already released proof-of-concept exploits on GitHub for a critical vulnerability impacting the open-source automation server Jenkins, reports BleepingComputer.