Microsoft has open-sourced CodeQL queries that developers can use to scan source code for malicious implants matching those used in the SolarWinds supply-chain attack. In December, it was disclosed that threat ...
A code-scanning capability that GitHub has been testing for the past several months is now generally available for organizations using the platform as part of their software development process. The ...