Latest Developer Hacking & Security News | Developer News https://www.developer-tech.com/categories/developer-hacking-security/ Gaming, Apps, HTML5, Java, PHP, C#, .net, IOT Thu, 21 Sep 2023 12:42:56 +0000 en-GB hourly 1 https://www.developer-tech.com/wp-content/uploads/sites/3/2020/09/dev-icon-60x60.png Latest Developer Hacking & Security News | Developer News https://www.developer-tech.com/categories/developer-hacking-security/ 32 32 GitHub opens Copilot Chat to all developers https://www.developer-tech.com/news/2023/sep/21/github-opens-copilot-chat-all-developers/ https://www.developer-tech.com/news/2023/sep/21/github-opens-copilot-chat-all-developers/#respond Thu, 21 Sep 2023 12:42:55 +0000 https://www.developer-tech.com/?p=45160 GitHub has announced that Copilot Chat is now available to all developers, ushering in a new era of AI-powered software development. Copilot Chat was launched for ‘Business’ users in July. The AI assistant is capable of assisting developers in their preferred natural language and promises to reduce repetitive tasks. Developers can use the assistant to... Read more »

The post GitHub opens Copilot Chat to all developers appeared first on Developer Tech News.

]]>
https://www.developer-tech.com/news/2023/sep/21/github-opens-copilot-chat-all-developers/feed/ 0
Sonatype reveals DevOps and SecOps leaders’ views on generative AI https://www.developer-tech.com/news/2023/sep/12/sonatype-reveals-devops-secops-leaders-views-generative-ai/ https://www.developer-tech.com/news/2023/sep/12/sonatype-reveals-devops-secops-leaders-views-generative-ai/#respond Tue, 12 Sep 2023 13:22:22 +0000 https://www.developer-tech.com/?p=45125 While the tech community remains divided on the potential of generative AI tools, there’s a consensus that their impact on the industry is comparable to the adoption of cloud technology. Software engineers are harnessing generative AI to explore libraries, create new code, and enhance their development process, while application security professionals employ it for code... Read more »

The post Sonatype reveals DevOps and SecOps leaders’ views on generative AI appeared first on Developer Tech News.

]]>
https://www.developer-tech.com/news/2023/sep/12/sonatype-reveals-devops-secops-leaders-views-generative-ai/feed/ 0
Salt launches STEP program to enhance API security for enterprises https://www.developer-tech.com/news/2023/aug/23/salt-launches-step-enhance-api-security-enterprises/ https://www.developer-tech.com/news/2023/aug/23/salt-launches-step-enhance-api-security-enterprises/#respond Wed, 23 Aug 2023 12:00:06 +0000 https://www.developer-tech.com/?p=45064 Salt Security has launched an initiative to help enterprises significantly reduce risk across their API ecosystem. The STEP (Salt Technical Ecosystem Partner) program encompasses the integration of AI-driven API security insights into existing workflows and tools within organisations. This integration empowers joint customers to bolster their security posture using the Salt Security API Protection Platform.... Read more »

The post Salt launches STEP program to enhance API security for enterprises appeared first on Developer Tech News.

]]>
https://www.developer-tech.com/news/2023/aug/23/salt-launches-step-enhance-api-security-enterprises/feed/ 0
Mathew Payne, GitHub: Protecting code while nurturing user experience https://www.developer-tech.com/news/2023/aug/18/mathew-payne-github-protecting-code-nurturing-user-experience/ https://www.developer-tech.com/news/2023/aug/18/mathew-payne-github-protecting-code-nurturing-user-experience/#respond Fri, 18 Aug 2023 13:54:35 +0000 https://www.developer-tech.com/?p=45057 Developer caught up with Mathew Payne, Principal Field Security Specialist at GitHub, to discuss the platform’s security strategies and how they aim to strike a balance between robustness and a seamless user experience. At the heart of GitHub’s security philosophy lies a commitment to safeguarding user code. Payne emphasised that a major focus is on... Read more »

The post Mathew Payne, GitHub: Protecting code while nurturing user experience appeared first on Developer Tech News.

]]>
https://www.developer-tech.com/news/2023/aug/18/mathew-payne-github-protecting-code-nurturing-user-experience/feed/ 0
Malicious PyPI package discovered in ongoing ‘PaperPin’ campaign https://www.developer-tech.com/news/2023/aug/04/malicious-pypi-package-ongoing-paperpin-campaign/ https://www.developer-tech.com/news/2023/aug/04/malicious-pypi-package-ongoing-paperpin-campaign/#respond Fri, 04 Aug 2023 11:05:45 +0000 https://www.developer-tech.com/?p=44995 In a recent analysis conducted by Sonatype, a malicious Python Package Index (PyPI) package named ‘VMConnect’ was discovered masquerading as the legitimate VMware vSphere connector module ‘vConnector’. The counterfeit package was found to contain sinister code designed to compromise users’ systems. Further investigation revealed an ongoing campaign involving additional packages like “ethter” and “quantiumbase,” all... Read more »

The post Malicious PyPI package discovered in ongoing ‘PaperPin’ campaign appeared first on Developer Tech News.

]]>
https://www.developer-tech.com/news/2023/aug/04/malicious-pypi-package-ongoing-paperpin-campaign/feed/ 0
Checkmarx uncovers supply chain attacks targeting banking https://www.developer-tech.com/news/2023/jul/21/checkmarx-uncovers-supply-chain-attacks-targeting-banking/ https://www.developer-tech.com/news/2023/jul/21/checkmarx-uncovers-supply-chain-attacks-targeting-banking/#respond Fri, 21 Jul 2023 12:24:45 +0000 https://www.developer-tech.com/?p=44926 Checkmarx has uncovered a new and sophisticated cyber threat targeting the banking sector. The security testing firm’s research team detected two distinct open-source software supply chain attacks targeting financial institutions. These attacks, which involved advanced techniques and deceptive tactics, have raised alarm bells among cybersecurity experts. Attack one: NPM The first attack occurred on April... Read more »

The post Checkmarx uncovers supply chain attacks targeting banking appeared first on Developer Tech News.

]]>
https://www.developer-tech.com/news/2023/jul/21/checkmarx-uncovers-supply-chain-attacks-targeting-banking/feed/ 0
GitHub introduces passwordless authentication https://www.developer-tech.com/news/2023/jul/14/github-introduces-passwordless-authentication/ https://www.developer-tech.com/news/2023/jul/14/github-introduces-passwordless-authentication/#respond Fri, 14 Jul 2023 12:35:24 +0000 https://www.developer-tech.com/?p=44870 GitHub is introducing passwordless authentication to enhance account security and provide a more seamless user experience. Passkeys are touted as offering a secure and easy-to-use method of protecting user accounts, with the aim of eliminating password-based breaches altogether. Unlike conventional security measures, passkeys offer improved security by combining two-factor authentication (2FA) with enhanced user verification.... Read more »

The post GitHub introduces passwordless authentication appeared first on Developer Tech News.

]]>
https://www.developer-tech.com/news/2023/jul/14/github-introduces-passwordless-authentication/feed/ 0
Sonatype uncovers further malicious PyPI and npm packages https://www.developer-tech.com/news/2023/jun/23/sonatype-uncovers-further-malicious-pypi-npm-packages/ https://www.developer-tech.com/news/2023/jun/23/sonatype-uncovers-further-malicious-pypi-npm-packages/#respond Fri, 23 Jun 2023 15:47:27 +0000 https://www.developer-tech.com/?p=44763 Sonatype continues to uncover a significant number of malicious packages within the PyPI and npm software registries. Among the flagged packages were several Python packages published on PyPI, masquerading as legitimate libraries named after the popular npm “colors” library. The malicious packages, including names such as “broke-rcl,” “brokescolors,” and “trexcolors,” exclusively targeted the Windows operating... Read more »

The post Sonatype uncovers further malicious PyPI and npm packages appeared first on Developer Tech News.

]]>
https://www.developer-tech.com/news/2023/jun/23/sonatype-uncovers-further-malicious-pypi-npm-packages/feed/ 0
AppSec teams stuck in catch-up cycle due to massive cloud-native enablement gap https://www.developer-tech.com/news/2023/may/26/appsec-teams-stuck-in-catch-up-cycle-due-to-massive-cloud-native-enablement-gap/ https://www.developer-tech.com/news/2023/may/26/appsec-teams-stuck-in-catch-up-cycle-due-to-massive-cloud-native-enablement-gap/#respond Fri, 26 May 2023 10:33:26 +0000 https://www.developer-tech.com/?p=44634 Backslash Security, a cloud-native application security solution for enterprise AppSec teams, has released a new research study, Breaking the Catch-up Cycle: The New Cloud-Native AppSec Paradigm Survey Report, exploring how the state of application security has evolved given the rise of cloud-native application development. The study examines the practices, tools, and needs of CISOs, AppSec managers,... Read more »

The post AppSec teams stuck in catch-up cycle due to massive cloud-native enablement gap appeared first on Developer Tech News.

]]>
https://www.developer-tech.com/news/2023/may/26/appsec-teams-stuck-in-catch-up-cycle-due-to-massive-cloud-native-enablement-gap/feed/ 0
PyPI suspends new projects and users due to malicious activity https://www.developer-tech.com/news/2023/may/22/pypi-suspends-new-projects-and-users-malicious-activity/ https://www.developer-tech.com/news/2023/may/22/pypi-suspends-new-projects-and-users-malicious-activity/#respond Mon, 22 May 2023 15:31:24 +0000 https://www.developer-tech.com/?p=44601 The PyPI (Python Package Index) team has temporarily suspended new projects and users on their platform due to malicious activity. This surge in malicious activity aligns with a larger trend observed across several open-source registries in recent months. Notably, incidents such as the flood of malicious packages on the NPM JavaScript package manager and a... Read more »

The post PyPI suspends new projects and users due to malicious activity appeared first on Developer Tech News.

]]>
https://www.developer-tech.com/news/2023/may/22/pypi-suspends-new-projects-and-users-malicious-activity/feed/ 0