No patch yet so disable web UI on affected devices
Keeping development and cloud teams within the security guardrails takes a bit of know-how, says security lead John Day
The imperatives of digital mean that security is now about quantifying and managing risk, rather than regulatory compliance, says Sumedh Thakar
Funded Cyber Essentials Programme will be free for some small charities and legal groups that handle sensitive data
The bipartisan Securing Open Source Software Act is a positive development for open source software everywhere
The 12-year-old flaw exists in the pkexec component of Polkit system utility
Open source is everywhere, including critical infrastructure. Should governments be playing more of a role in its governance?
Four security vendors give their view on staffing issues, zero trust and threat intelligence
This year's Open Web Application Security Project list is out, with novel categories and a new number one
SBOMs are now law in the US, but it will be a challenge to make them work