5 ways to spot software supply chain attacks and stop worms - before it's too late

A Dune-inspired worm recently hit CrowdStrike and npm, infecting hundreds of packages. Here's what happened - and how to protect your code.

Failed Stopgap Funding Bill Puts Key Federal Cybersecurity Legislation in Jeopardy

The collapse of an emergency federal funding bill leaves the fate of cybersecurity legislation that provides legal protection for companies sharing cyber-threat intelligence up in the air.

Your passkeys could be vulnerable to attack, and everyone - including you - must act

When a clickjack attack managed to hijack a passkey authentication ceremony, were password managers really to blame? ZDNET's investigation reveals a more complicated answer.