Security Boulevard

Carelessness versus craftsmanship in cryptography

Two popular AES libraries, aes-js and pyaes, “helpfully” provide a default IV in their AES-CTR API, leading to a large number of key/IV reuse bugs. These bugs potentially affect thousands of ...
The Malaysian Reserve

ActiveState Unifies 79M Components to Launch World’s Largest Secure Open Source Catalog

By consolidating 12+ language ecosystems into a single repository, the ActiveState Catalog enables DevSecOps teams to slash ...