Jaikumar Vijayan

2 weeks ago | reversinglabs.com | Jaikumar Vijayan |Jai Vijayan

Organizations that assume secrets protection is solely about scanning public repositories and codebases for API keys, passwords, and tokens may be overlooking a major blind spot. Collaboration and project management platforms such as Slack, Jira, and Confluence have become high-risk zones for leaked credentials due to their widespread — and largely unmonitored — use in enterprise environments.

1 month ago | reversinglabs.com | Jaikumar Vijayan |Jai Vijayan

Researchers have uncovered a disturbing new supply chain attack vector that threat actors could use to silently introduce and propagate virtually undetectable malicious code into AI-assisted software development projects. This new attack method is the latest signal that organizations whose developers are using generative AI coding tools to write software must have formal policies, awareness training, and automated safeguards. And such organizations are far from rare.

1 month ago | reversinglabs.com | Jaikumar Vijayan |Jai Vijayan

A new study adds force to the argument that organizations need to look beyond vulnerability remediation when it comes to managing and mitigating software cyber-risk. The study, by a Purdue University researcher, shows that the new Exploit Prediction Scoring System (EPSS), which many organizations are now using to prioritize vulnerability remediation, is not as effective as previously assumed.