News
Spotlight: How Secrets Sprawl Undermines Software Supply Chain Security

Mackenzie Jackson, the Developer Advocate at GitGuardian joins Paul to discuss how “secrets sprawl” on sites like GitHub threatens software supply chains. The post Spotlight: How Secrets Sprawl Undermines Software Supply Chain...

Read more
News
Dispute Over Data Leak Highlights Legal Risks for UK Researchers

An expensive, months-long legal tussle between a UK engineer and a healthcare non-profit is spurring calls for reform to the country’s 30 year-old Computer Misuse Act, which Dyke and others contend...

Read more
News
Critical Flaw Found In Widely Used Netmask Open Source Module

An IP address parsing flaw in the netmask NPM module affects hundreds of thousands of applications that rely on it. But that may be just the tip of the iceberg, researchers...

Read more
News
Episode 201: Bug Hunting with Sick Codes

The work of vulnerability research has changed a lot in the last two decades. In this episode, Security Ledger Podcast host Paul Roberts chats with the independent researcher known as “Sick...

Read more
News
Episode 200: Sakura Samurai Wants To Make Hacking Groups Cool Again. And: Automating Our Way Out of PKI Chaos

In this episode of the podcast (#200), sponsored by Digicert: John Jackson, founder of the group Sakura Samurai talks to us about his quest to make hacking groups cool again. Also:...

Read more
News
Exploitable Flaw in NPM Private IP App Lurks Everywhere, Anywhere

A serious security flaw in a commonly used npm security module, private-ip, may affect hundreds of thousands of private and public applications. The post Exploitable Flaw in NPM Private IP App...

Read more