The Unseen Risks of Open Source Dependencies: The Case of an Abandoned Name
Mend.io research discovered a threat actor takeover of the name ‘gemnasium-gitlab-service', a retired Ruby gem with two million+ downloads.
Mend.io + Jira Security: Doing DevSecOps Better Together
Discover how Mend.io & Jira Security are revolutionizing DevSecOps, improving application security, & streamlining workflows for dev teams.
What are Malicious Packages? How Do They Work?
Learn about malicious packages and the growing threat they pose to software supply chains.
RSA Conference 2023: Key Takeaways From Our Five Favorite Sessions
RSA 2023 takeaways, including sessions on supply chain security, translating security for the board, & the psychology of DevSecOps.
The Five Key Principles of Modern Application Security
Discover the key principles of modern application security. Learn how to secure your software and protect against evolving threats.
Just Who Exactly Should Take Responsibility for Application Security?
Explore the complexities of application security responsibility in the age of DevSecOps and supply chain breaches. Who should take the lead?
Securing the Software Supply Chain: Key Findings from the Mend Open Source Risk Report
Discover key findings from the Mend Open Source Risk Report on securing the software supply chain. Watch the webinar for more insights.
Yandex Data Leak Triggers Malicious Package Publication
Discover how the Yandex data leak triggered malicious package publication, leading to supply chain security risks.
Malicious Code Deletes Directories If You Do Not Have a License
Discover how malicious code can delete directories if you don't have a license. Learn about supply chain security and license compliance.
Mend’s Trends for 2023
Stay ahead of cyber threats with Mend's Trends for 2023. Experts predict a rise in AI-driven cybercrime and open source vulnerabilities.
Introducing the Mend Open Source Risk Report
Discover the latest insights on open source risk management in the Mend Open Source Risk Report.
DevSecOps: A Comprehensive Guide to Securely Managing Your DevOps Workflow
Get to know all about DevSecOps and the main tools and practices that organizations should adopt in order to implement a DevSecOps pipeline.
Top Three User Priorities for Software Composition Analysis
Discover the top three user priorities for Software Composition Analysis including application security, DevSecOps, and license compliance.
Advisory: New OpenSSL Critical Security Vulnerability
Learn about the new OpenSSL critical security vulnerabilities CVE-2022-3786 and CVE-2022-3602. Discover their impact, and protect your systems.
Six Golden Rules for Software and Application Security
Learn the six golden rules for software and application security.. Stay safe during Cybersecurity Awareness Month 2022!
Cybercriminals targeted users of packages with a total of 1.5 billion weekly downloads on npm
Stay informed about the latest supply chain security incident targeting npm users. Learn about the malicious packages and more.
