Whether shaping strategy or crafting code, CramHacks keeps you informed.
Connect
The AI race has created a cesspool of third-party packages
Hey, do you know about supply chain security? ... You mean SBOMs?
This one is for you CVE hype beasts looking to fill your resume 😉
Shifting left!, Google lays off Python team, hardened container images, and more!
Korea fears AI supply chain, GitHub hosts malware, Microsoft AD account compromise, EPSS Predicts Exploitability, and DataDog's State of DevSecOps
CISA releases Next-Gen Malware Analysis, Sisense's Security Slip-Up, Debating SAST's Value, Secure Defaults!
Neglecting the National Vulnerability Database: A Flaw We Can't Afford
Top 10 threats for 2030, End-of-life containers can mean 400+ CVEs per year, A review of zero-day in-the-wild exploits, and more!
xz/liblzma backdoor, PyPi suspends user registrations, OSV-Scanner offers guided remediation, and Chief AI Officers
Semgrep Assistant, GitHub Copilot, Active Exploitation Targeting the Ray AI Framework, Stay Safe from Repo-Jacking, and more!
Manager admits to SIM Swapping, GitGuarding State of Secrets, Comparing Dependabot/Semgrep/Snyk
Ex-Google Software Engineer Charged, Secure Software Development Attestation Form, NVD vulnerability reviews on pause
DevSecOps Automation Matrix, Cloudflare's Firewall for AI, $22M Ransomware Payment, Waymo approved in Los Angeles
Measuring security debt, Google is 'absurdly woke', Wyze home security customers seeing wrong footage, and more!
Recognizing My Dream for Perpetual Learning
