Editor’s picks: Managing modern risksanalysis3 reasons to consider a data security posture management platformData must be protected no matter where it's stored or how it's being used. Here's how DSPM platforms prevent data breaches—whether the data is stored, in transit, or used by AI.By Isaac SacolickFeb 18, 20258 minsData ArchitectureData and Information SecuritySoftware Development news Don’t use public ASP.NET keys (duh), Microsoft warnsBy Paul KrillFeb 11, 20252 minsApplication SecurityMicrosoft .NETWeb Developmentanalysis The hidden threat of neglected cloud infrastructureBy David LinthicumFeb 07, 20255 minsCloud ComputingCloud ManagementCloud Security featureNot seeing ROI from your AI? Observability may be the missing link By Anupam Datta Feb 04, 20258 minsData GovernanceData and Information SecurityGenerative AI opinionDoing authentication rightBy Nick Hodges Jan 29, 20258 minsAuthenticationMultifactor AuthenticationSoftware Development featureHow to pick the right SAST toolBy Jenn Gile Jan 27, 202510 minsApplication SecurityDevSecOpsDevops analysisThe AI security tsunamiBy David Linthicum Jan 21, 20255 minsArtificial IntelligenceData and Information SecurityGenerative AI newsCISA publishes security goals for software development process, product designBy Paul Krill Jan 13, 20253 minsApplication SecurityData and Information SecurityDevSecOps More SecuritynewsAttackers attempted hijacking 12,000 GitHub accounts with click-fix alertsThe fake alerts trick users into authorizing a malicious OAuth application capable of a full account takeover.By Shweta SharmaMar 17, 20251 minDeveloperSecurity news Linux Foundation warns of US OFAC sanctionsBy Paul KrillFeb 03, 20253 minsApplication SecurityData and Information SecurityOpen Sourcenews Palo Alto Networks releases QRNG API frameworkBy Paul KrillJan 23, 20252 minsData and Information SecurityQuantum ComputingSecurity newsSecure AI? Dream on, says AI red teamBy Paul Barker Jan 17, 20257 minsArtificial IntelligenceGenerative AISecurity featureThe vital role of red teaming in safeguarding AI systems and dataBy Dane Sherrets Dec 31, 20245 minsApplication SecurityData GovernanceGenerative AI opinionWeaponizing generative AIBy Matt Asay Dec 16, 20244 minsArtificial IntelligenceGenerative AISecurity newsSupply chain compromise of Ultralytics AI library results in trojanized versionsBy Lucian Constantin Dec 09, 20241 minDevelopment Libraries and FrameworksPythonSecurity featureA GRC framework for securing generative AIBy Trevor Welsh Nov 19, 202411 minsApplication SecurityData GovernanceGenerative AI newsJava proposals would boost resistance to quantum computing attacksBy Paul Krill Nov 08, 20242 minsApplication SecurityData and Information SecurityJava ArticlesbrandpostSponsored by IDCKazakhstan’s SOS 102: Redefining Public Safety Through InnovationBy IDC Jan 23, 2025 4 minsSecuritynews‘Package confusion’ attack against NPM used to trick developers into downloading malwareAttackers gunning for supply chains again, deploying innovative blockchain technique to hide command & control.By John E. Dunn Nov 06, 2024 4 minsOpen SourceSecurityVulnerabilitiesnews analysisWhat Entrust certificate distrust means for developersSecure communications between web browsers and web servers depend on digital certificates backed by certificate authorities. What if the web browsers stop trusting your CA? By Travis Van Oct 30, 2024 9 minsApplication SecurityBrowser SecurityWeb DevelopmentanalysisWhy are we still confused about cloud security?We’re building too much complexity and are ill-trained to secure it. The result will be breach after breach, while enterprises wonder what happened. Get a clue now.By David Linthicum Oct 15, 2024 5 minsCloud SecurityIdentity and Access ManagementSecurity InfrastructurenewsOpen source package entry points could be used for command jackingThreat actors could use these supply chain attacks to compromise applications, says Checkmarx.By Howard Solomon Oct 14, 2024 1 minOpen SourceSecurityVulnerabilitiesanalysisWhy cloud security outranks cost and scalabilityToo many businesses believe that adequate security is too expensive. Here are some ways to keep costs manageable. By David Linthicum Oct 04, 2024 5 minsAPIsCloud SecurityMicroservicesanalysisUnderstanding VBS Enclaves, Windows’ new security technologyMicrosoft is protecting Recall’s vector indexes in trusted execution environments. It adds a bit of computational overhead, but is a must for data security.By Simon Bisson Oct 03, 2024 8 minsContainersData and Information SecurityWindows SecuritynewsJava 23 highlights crypto performance and securitySecurity-related enhancements include crypto performance updates, new debugging options, and additions to Kerberos and PKI.By Paul Krill Sep 24, 2024 3 minsJavaProgramming LanguagesSecurityopinionSecurity takes a front seatThreats that have always existed but are now amped up by generative AI are making enterprise leadership take notice and open the purse strings. By Matt Asay Aug 19, 2024 4 minsApplication SecurityCloud SecurityTechnology IndustryanalysisRed-teaming AI with PyRITMicrosoft has open sourced a key piece of its AI security, offering a toolkit that links data sets to targets and scores results, in the cloud or with small language models.By Simon Bisson Aug 15, 2024 7 minsApplication SecurityGenerative AIMicrosoft AzureanalysisFocusing open source on security, not ideologyIn today’s world where everything gets hacked, conversations about security are what’s truly important, especially to attract younger developers to open source.By Matt Asay Jul 22, 2024 4 minsCloud SecurityOpen SourceSecurity PracticesfeatureHow evolving AI regulations impact cybersecurityGetting in front of AI risks includes understanding evolving regulations. Here’s what that means for cybersecurity leaders. By Ram Movva and Aviral Verma Jul 02, 2024 8 minsApplication SecurityData GovernanceGenerative AI Show more Show less View all Video on demand videoHow to Run WebAssembly outside the browser with WasmerWebAssembly apps can run at near-machine-native speeds in a browser — and outside of it, too, with the Wasmer runtime. In this video you’ll see how Wasmer can run WebAssembly apps from the command line, download pre-packaged apps from the wasm.io online package registry, and work with local WebAssembly binaries you’ve already downloaded or built. What is WebAssembly? The next-generation web platform explained | InfoWorld https://www.infoworld.com/article/2255892/what-is-webassembly-the-next-generation-web-platform-explained.html Wasmer takes WebAssembly server-side | InfoWorld https://www.infoworld.com/article/2262266/wasmer-takes-webassembly-server-side.html Wasmer melds WebAssembly, Posix with WASIX spec | InfoWorld https://www.infoworld.com/article/2338550/wasmer-melds-webassembly-posix-with-wasix-spec.html Mar 12, 2025 5 minsPython How to use Dioxus | A new library for cross-platform apps in Rust Mar 12, 2025 4 minsPython The Python 3.14 interpreter speedups explained Mar 04, 2025 4 minsPython What is LLVM? | The compiler infrastructure explained Feb 21, 2025 6 minsPythonSee all videos Explore a topic Analytics Artificial Intelligence Careers Cloud Computing Data Management Databases Development Tools Devops Emerging Technology Generative AI Java JavaScript Microsoft .NET Open Source View all topics Show me moreLatestArticlesVideos news Kotlin bolsters K2 compiler plugin support, WebAssembly debugging By Paul Krill 21 Mar 20252 mins KotlinProgramming LanguagesSoftware Development news OpenSilver extends to iOS and Android By Paul Krill 21 Mar 20252 mins C#Development Libraries and FrameworksMicrosoft .NET news Nvidia launches AgentIQ toolkit to connect disparate AI agents By Anirban Ghoshal 21 Mar 20253 mins Generative AISoftware Development video What is software bill of materials? | SBOM explained 18 Feb 20254 mins Python video The Zig language: Like C, only better 11 Feb 20254 mins Python video How to remove sensitive data from repositories | Git Disasters 31 Jan 20255 mins Python