GoCD patches ‘Highly Critical’ authentication vulnerability
GoCD has patched a Critical authentication vulnerability in its GoCD CI/CD tool.
SDLC
Malicious PyPI software packages found stealing payment card numbers and injecting code
Security researchers have discovered malicious software packages from Python’s official third party software package repository PyPl stealing payment card numbers and injecting code.
Microsoft introduces Application Inspector
Microsoft has introduced a new source code analyzer tool dubbed Microsoft Application Inspector. The tool is designed to “identify interesting features in source code” and can help enable developers understand software components your apps use.
OWASP API Security Top 10 2019
The Open Web Application Security Project (OWASP) has released its OWASP API Security Top 10 2019. This is the first version of the API Top 10. OWASP will likely update the guidelines every three to fours years, similar to the other OWASP Top 10 series.
GitHub launches ‘Security Lab’ to help secure open source software
GitHub, one of the world’s leading software development platforms, has launched GitHub Security Lab with aim to secure open source software.