development

Popular AI code assistants try to call non-existent libraries. But what happens if attackers actually create them?

We look at the most notable supply-chain attacks of 2024.

The JavaScript CDN service Polyfill.io has started spreading malicious code. Remove the service’s script from your website.

We take an in-depth look at securing and configuring containerization systems.

What security aspects should be top-of-mind when implementing important changes in corporate IT infrastructure?

Low-code apps lower IT costs, but boost information security risks. How to mitigate them?

Сloud technologies differ in terms of both costs and risks. What cloud type should you choose, and how should you begin your migration?

Open-source applications require proper implementation and maintenance; otherwise a company could face many threats. We highlight the key risks.

Business is actively moving over to open-source solutions. How can the transition be made successfully, and what are the risks to consider?

Illegal businesses in the shadow economy need employees no less than their legal counterparts. Let’s take a look at how “dark HR” works.

An interesting bug in one of the most popular embedded DBMS.

Researchers from Cambridge describe the Trojan Source method for inserting hidden implants in source code.

Supply-chain attacks through public repositories have become more frequent of late. Here’s how to deal with them.

Why working in Kaspersky Lab has always been more than just business.