cybersecurity Archives - Developer Tech News

State of Java: Resilience amid licensing changes and security concerns

Ryan Daws — Fri, 27 Oct 2023 09:28:10 +0000

Azul has unveiled its first annual State of Java Survey & Report, which offers a deep exploration of the Java landscape. The study – based on responses from over 2,000 Java users worldwide – aims to provide unparalleled insights into Java’s current standing, particularly its influence on enterprises of various sizes. Java’s ubiquity and vital... Read more »

The post State of Java: Resilience amid licensing changes and security concerns appeared first on Developer Tech News.

Android finally checks sideloaded apps for malware before installs

Ryan Daws — Thu, 19 Oct 2023 16:12:38 +0000

In response to growing cyber threats, Google has introduced an update to bolster Android security. This enhancement focuses on strengthening malware detection before app installations, ensuring a safer Android ecosystem. With this update, Google Play Protect now conducts real-time scans at the code-level during the app installation process: By providing users with immediate feedback about... Read more »

The post Android finally checks sideloaded apps for malware before installs appeared first on Developer Tech News.

Sauce Labs exposes some developers’ risky habits

Ryan Daws — Tue, 03 Oct 2023 15:32:51 +0000

A survey by Sauce Labs of 500 US-based developers has put the spotlight on some concerning practices. One alarming discovery was the tendency of developers to push code to production without adequate testing. 67 percent of respondents admitted to this practice, jeopardising software quality, user experience, and system stability. Additionally, 68 percent confessed to merging... Read more »

The post Sauce Labs exposes some developers’ risky habits appeared first on Developer Tech News.

GitHub opens Copilot Chat to all developers

Ryan Daws — Thu, 21 Sep 2023 12:42:55 +0000

GitHub has announced that Copilot Chat is now available to all developers, ushering in a new era of AI-powered software development. Copilot Chat was launched for ‘Business’ users in July. The AI assistant is capable of assisting developers in their preferred natural language and promises to reduce repetitive tasks. Developers can use the assistant to... Read more »

The post GitHub opens Copilot Chat to all developers appeared first on Developer Tech News.

Sonatype reveals DevOps and SecOps leaders’ views on generative AI

Ryan Daws — Tue, 12 Sep 2023 13:22:22 +0000

While the tech community remains divided on the potential of generative AI tools, there’s a consensus that their impact on the industry is comparable to the adoption of cloud technology. Software engineers are harnessing generative AI to explore libraries, create new code, and enhance their development process, while application security professionals employ it for code... Read more »

The post Sonatype reveals DevOps and SecOps leaders’ views on generative AI appeared first on Developer Tech News.

Salt launches STEP program to enhance API security for enterprises

Ryan Daws — Wed, 23 Aug 2023 12:00:06 +0000

Salt Security has launched an initiative to help enterprises significantly reduce risk across their API ecosystem. The STEP (Salt Technical Ecosystem Partner) program encompasses the integration of AI-driven API security insights into existing workflows and tools within organisations. This integration empowers joint customers to bolster their security posture using the Salt Security API Protection Platform.... Read more »

The post Salt launches STEP program to enhance API security for enterprises appeared first on Developer Tech News.

Mathew Payne, GitHub: Protecting code while nurturing user experience

Ryan Daws — Fri, 18 Aug 2023 13:54:35 +0000

Developer caught up with Mathew Payne, Principal Field Security Specialist at GitHub, to discuss the platform’s security strategies and how they aim to strike a balance between robustness and a seamless user experience. At the heart of GitHub’s security philosophy lies a commitment to safeguarding user code. Payne emphasised that a major focus is on... Read more »

The post Mathew Payne, GitHub: Protecting code while nurturing user experience appeared first on Developer Tech News.

Malicious PyPI package discovered in ongoing ‘PaperPin’ campaign

Ryan Daws — Fri, 04 Aug 2023 11:05:45 +0000

In a recent analysis conducted by Sonatype, a malicious Python Package Index (PyPI) package named ‘VMConnect’ was discovered masquerading as the legitimate VMware vSphere connector module ‘vConnector’. The counterfeit package was found to contain sinister code designed to compromise users’ systems. Further investigation revealed an ongoing campaign involving additional packages like “ethter” and “quantiumbase,” all... Read more »

The post Malicious PyPI package discovered in ongoing ‘PaperPin’ campaign appeared first on Developer Tech News.

Apple will require developers to explain their API use

Ryan Daws — Fri, 28 Jul 2023 14:45:07 +0000

In an effort to bolster user privacy and crack down on fingerprinting, Apple has announced that developers will soon be required to provide detailed explanations for their app’s use of certain APIs before submitting them to the App Store. The APIs in question are now classified as “required reason APIs,” meaning developers must articulate the... Read more »

The post Apple will require developers to explain their API use appeared first on Developer Tech News.

Checkmarx uncovers supply chain attacks targeting banking

Ryan Daws — Fri, 21 Jul 2023 12:24:45 +0000

Checkmarx has uncovered a new and sophisticated cyber threat targeting the banking sector. The security testing firm’s research team detected two distinct open-source software supply chain attacks targeting financial institutions. These attacks, which involved advanced techniques and deceptive tactics, have raised alarm bells among cybersecurity experts. Attack one: NPM The first attack occurred on April... Read more »

The post Checkmarx uncovers supply chain attacks targeting banking appeared first on Developer Tech News.