Infosecurity Magazine

Secure Coding News

Scroll down for all the latest news and information on secure coding.

Latest News and Features

VVS Stealer Uses Advanced Obfuscation to Target Discord Users

News

Five Key Flaws Exploited in 2025's Major Software Supply Chain Incidents

News Feature

Infosecurity has selected five of the most significant vulnerability exploitation campaigns of 2025 that led to major software supply chain incidents

Reworked MacSync Stealer Adopts Quieter Installation Process

News

Monitoring Tool Nezha Abused For Stealthy Post-Exploitation Access

News

Open-source server monitoring tool, Nezha, is being exploited by attackers for remote system control

OAuth Device Code Phishing Campaigns Surge Targets Microsoft 365

News

JumpCloud Windows Agent Flaw Enables Local Privilege Escalation

News

Top 25 Most Dangerous Software Weaknesses of 2025 Revealed

News

OpenAI Enhances Defensive Models to Mitigate Cyber-Threats

News

Log4Shell Downloaded 40 Million Times in 2025

News

Malicious VS Code Extensions Deploy Advanced Infostealer

News

Two malicious Visual Studio Code extensions, Bitcoin Black and Codo AI, have been observed harvesting sensitive user data

Webinars Coming Up

Securing M365 Data and Identity Systems Against Modern Adversaries

White Papers

Gcore Radar: DDoS Attack Trends Q3 to Q4, 2023

White Paper

Secure Coding Culture Playbook

White Paper

Web Application Security for Pharma and Healthcare

White Paper

On-Demand Webinars

  • Unpacking the Top Vulnerabilities Exploited by Sophisticated Attackers
  • Experiencing a DDoS Simulation to Enhance Defenses
  • Mastering Software Supply Chain Security with Strategic Defense Mechanisms
  • The Infosecurity Magazine End of Year Xmas Quiz (Feat. The Beer Farmers)
  • Updating Your Active Directory Security to the Modern Threat Environment
  • How to Secure Your Applications Against API Attacks
  • Why APIs will be the No. 1 Enterprise Attack Vector in 2022
  • Modernizing AppSec and Developer Security Programs
  • How Zero Trust Enables Remote Working and Builds to a SASE Vision
  • Hybrid Working Has Accelerated Cloud Application Adoption: What About Security?

Podcasts

  • IntoSecurity Chats Episode 1 - Katie Moussouris

More news and features

Critical PickleScan Vulnerabilities Expose AI Model Supply Chains

News

Malware Manipulates AI Detection in Latest npm Package Breach

News

UK Report Proposes Liability For Software Provider Insecurity

News

New Shai-Hulud Worm Spells Trouble For npm Users

News

New npm Malware Campaign Redirects Victims to Crypto Sites

News

A new malware campaign has been observed built on seven npm packages and using cloaking techniques and fake CAPTCHAs, operated by threat actor dino_reborn

“IndonesianFoods” npm Worm Publishes 44,000 Malicious Packages

News

Qilin Ransomware Activity Surges as Attacks Target Small Businesses

News

Qilin group ransomware incidents have surged in SMBs, exploiting security gaps and collaborating with Scattered Spider threat group

What Is Vibe Coding? Collins’ Word of the Year Spotlights AI’s Role and Risks in Software

News Feature

65% of Leading AI Companies Found With Verified Secrets Leaks

News

A new study has revealed 65% of top AI firms have leaked sensitive data on GitHub, risking $400bn in assets

Threat Actors Utilize AdaptixC2 for Malicious Payload Delivery

News

Blogs

Rebuilding Digital Trust in the Age of Deepfakes

Blog

Inside the Chip: Rethinking Cybersecurity from the Ground Up

Blog

Next-Gen Infosec

How to Prevent Data Leakages

Next-Gen

Top Cloud Misconceptions that Could Damage Your Organization

Next-Gen

Improve Asset Visibility in OT Security With Hybrid AI-Cloud Approaches

Next-Gen