Threat Digest

Abstract representation of digital code being accessed and stolen.

Grafana Codebase Breach: What It Means For Your Software

Grafana's source code was downloaded by attackers who then demanded a ransom. The incident highlights a growing trend in data extortion, impacting software development pipelines.

5 min read 6 days, 4 hours ago

🕳️

Vulnerabilities & CVEs

RubyGems Suspends Registrations After Malicious Package Flood

A wave of malicious packages has forced RubyGems.org, the central repository for Ruby libraries, to shut down new account registrations. This move highlights ongoing supply chain vulnerabilities that threaten developer workflows.

5 min read 1 week, 3 days ago

🕳️

Vulnerabilities & CVEs

AI Code Boom Overwhelms AppSec — Black Duck CEO Sounds Alarm

AI coding assistants cranked out 16 billion lines of code in 2023 alone. That's forcing a frantic rethink in application security, says Black Duck's Jason Schmitt.

4 min read 1 month, 2 weeks ago

#software-supply-chain

Grafana Codebase Breach: What It Means For Your Software

RubyGems Suspends Registrations After Malicious Package Flood

AI Code Boom Overwhelms AppSec — Black Duck CEO Sounds Alarm