Agile learning platform startup Secure Code Warrior Ltd. today announced that it has raised $50 million in new funding for product innovation and go-to-market efforts with a focus on increasing market share. Founded in 2015, Secure Code Warrior offers an agile learning platform for developer-driven security leaders to write secure code. The company’s platform uses agile ...

Application security testing firm Checkmarx Ltd. today announced the CheckAI GPT Plugin, a plugin designed to detect and prevent potential attacks against ChatGPT-generated code. The CheckAI GPT Plugin is designed to allow developers and security teams to defend against attacks instigated by malicious open-source packages and dependencies within the ChatGPT interface. When combined with Checkmarx’s Supply Chain Threat ...

A new report today from Forescout Technologies Inc.’s Vedere Labs identifies the riskiest devices on enterprise networks in 2023, examining connected-device security to expand the general understanding of the threat landscape. Thirteen of the 20 most vulnerable devices identified in this year’s report were the same as in 2022. Entering the fold in this year’s report were ...

A new report from DocSend Inc., a Dropbox Inc. company, finds a widening gap between founder and investor activity amid the ongoing downturn in the venture capital funding industry. The downturn in venture capital funding has been well-documented. Just last week, a report from Crunchbase Inc. detailed that VC funding fell 49% in the second quarter ...

A new report published by cybersecurity startup SlashNext Inc. today warns that cybercriminals are using generative artificial intelligence, including a custom-built tool, to undertake nefarious activities. The rise of AI over the last year has been well-documented, but often ignored is that the sophistication of AI has also introduced a new vector for business email compromise attacks. ...

Israeli cloud cybersecurity startup Orca Security Ltd. today filed a lawsuit against its Israeli rival Wiz Inc. claiming that Wiz has infringed its patents. The suit, filed in the U.S. District Court, District of Delaware, claims that Wiz built its business on infrastructure that Orca had first developed and, in doing so, intentionally violated Orca’s intellectual property. The ...

Software supply chain company JFrog Ltd. today launched JFrog Curation, an automated DevSecOps solution that checks and blocks infected open-source or third-party software packages and their dependencies before they enter a company’s development pipeline. With a large proportion of modern software development relying heavily on open-source libraries, JFrog Curation has been designed to tackle the security risks open-source ...

Third-party risk management companies ProcessUnity Inc. and CyberGRX Inc. announced today they will merge to create a comprehensive software and data platform designed to enhance identifying, assessing, analyzing and reducing risk within clients’ ecosystems. The merged companies said they will offer the combined capabilities of a best-in-class TPRM workflow platform and the world’s largest global cyber risk ...

Crowdsourced cybersecurity startup Bugcrowd Inc. has today released a new report that found hackers are more skeptical than Silicon Valley investors when it comes to artificial intelligence. Bugcrowd’s annual Inside the Mind of a Hacker report found that more than half of respondents, 55%, said that AI could already outperform hackers or will be able to do ...

Researchers at cybersecurity firm Wiz Inc. today detailed a newly discovered Python-based fileless malware that’s targeting cloud workloads. Dubbed “PyLoose,” the attack is said to be the first publicly documented Python-based fileless attack targeting cloud workloads in the wild. A fileless attack does not rely on traditional executable files to carry out an attack but instead exploits tools ...