Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
Analysis of 2024 vulnerability exploitation patterns reveals faster weaponization timelines, shifting target profiles, and the growing importance of edge device vulnerabilities.
Fog ransomware has carved a niche by targeting educational institutions — organizations with tight budgets, thin security teams, and massive attack surfaces. Here is how they operate.
INC Ransom has made healthcare a primary target, exploiting the sector's unique vulnerabilities and urgency. A deep dive into their operations and what healthcare security teams should prioritize.
Microsoft disabled macros by default in 2022. Attackers adapted. The macro threat has evolved, not disappeared.
In 2024, DPRK-linked groups dramatically escalated their campaign to compromise developers through malicious npm packages, using fake job offers and typosquatting to deploy infostealers and backdoors.
Ransomware groups increasingly target VMware ESXi hypervisors to encrypt entire virtual environments at once. The 2024 campaigns exploited known and zero-day vulnerabilities for maximum impact.
Reports emerged that a hacker accessed OpenAI's internal messaging systems in early 2023, raising questions about AI company security practices and the risks of concentrated AI development.
Supply chain threat intelligence goes beyond CVE databases. Specialized feeds track malicious packages, compromised maintainers, and emerging attack techniques targeting the software supply chain.
BianLian abandoned encryption entirely in favor of data theft and extortion. This shift reveals where ransomware economics are heading — and why traditional defenses are lagging behind.
Weekly insights on software supply chain security, delivered to your inbox.