Hacker Noon Cybersecurity

GitGuardian’s State of Secrets Sprawl Report reveals 25% increase in leaked secrets year-over-year. 70% of secrets leaked in 2022 remain active today, creating an expanding attack surface. 35% of all private repositories scanned contained at least one plaintext secret.Read All

Post-Bybit’s $1.5B hack, Human Wallet fights blind signing with a bold security fix. Join alpha testing now.Read All

Pathfinder AI expands Hunters’ vision for AI-driven SOCs, introducing Agentic AI for autonomous investigation and response. Agents will launch soon, with ongoing innovations to further streamline security operations. Agents prioritize critical threats, filtering out noise, and continuously refining investigations.Read All

Bubba AI, Inc. is building an open-source alternative to existing GRC (Governance, Risk, and Compliance) automation platforms. The company’s flagship product, Comp AI, offers a built-in risk register, and policies required for frameworks. Bubba AI has set an ambitious target: helping 100,000 companies achieve compliance with cyber security frameworks like SOC 2, ISO 27001 & GDPR.Read All

Docker Scout helps prevent container security threats by scanning images for vulnerabilities, generating Software Bill of Materials (SBOMs), and enforcing security policies. It integrates with CI/CD pipelines to automate security checks before deployment, ensuring compliance and reducing risk. The tool detects CVEs, provides remediation suggestions, and enhances supply chain security. Developers can use GitHub Actions or GitLab CI to automate scans and block insecure images. Best practices include minimizing dependencies, regular updates, and leveraging security insights for continuous protection. By integrating Docker Scout into DevSecOps workflows, teams can proactively secure containerized applications, reducing vulnerabilities before they reach production.Read All

Governments around the world are escalating demands for encryption backdoors, claiming they are required for national security needs. Experts warn that these policies create cybersecurity risks for billions of people.Read All

INE is the leading provider of networking and cybersecurity training and certifications. INE was recently named to the top 10 Hacking Certifications list. The Best Software Awards rank the world’s best software companies.Read All

This paper presents a methodology to detect and classify obfuscated malware from memory dumps using diverse machine learning models.Read All

This paper looks into various malware detection techniques, including static, dynamic, and obfuscation countermeasures via machine learning.Read All

Microsoft AI Red Team releases whitepaper detailing lessons from its 100 generative AI products. Security researchers have identified eight core security lessons from rigorous adversarial testing.Read All

2025 marks a time of unprecedented volatility in the technology job market. This year alone, roughly 7,000 jobs have been cut across dozens of tech giants. INE focuses on practical training and certification programs.Read All

Intruder has launched AI-generated descriptions for Common Vulnerabilities and Exposures (CVEs) within its free vulnerability intelligence platform, __Intel. This new feature addresses a common pain point: the often vague and technical descriptions provided by the __National Vulnerability Database.Read All

As someone who’s spent time digging through dark web marketplaces, forums, and Telegram groups, I’ve seen it all. Here’s what no one tells you.Read All

Software supply chain attacks are increasingly sophisticated and damaging, targeting the very foundations of digital infrastructure.Read All

The paper focuses on machine learning methods being applied to detect obfuscated malware in memory dumps with class imbalance addressed.Read All

Gcore’s Q3-Q4 2024 Radar report into DDoS attack trends highlights a steep long-term growth trend. The gaming industry continues to be the most targeted by DDoS attacks, accounting for 34% of all attacks. The financial services sector experienced a significant increase, with 26% of attacks in the period.Read All

In Barbie, Ken struggles with identity, feeling like he exists in Barbie’s shadow. He wants recognition, but for most of the movie, he’s “just Ken.” Many cybersecurity specialists can relate.Read All

Rust offers security, but its rigidity risks locking Linux into outdated paradigms. A hybrid solution could involve using Rust’s security for short-term components like device drivers while relying on C in long-term components to maintain adaptability.Read All

HackerNoon’s “Startups of The Year” voting wraps up on March 31, 2025. This event celebrates leading startups worldwide, with current top contenders including Sprinto, Peris.ai, and SECUREU. Major cities leading in votes are San Francisco, Singapore, and Bengaluru. Dominant industries in the race include Data Privacy and Compliance, Cybersecurity Services and Products, and IT Services. Cast your vote and learn more in this blog post.Read All

AI has rapidly transformed software development, with 75% of developers using AI coding tools like ChatGPT and GitHub Copilot. While AI boosts developer efficiency, it also introduces new security risks, including “Shadow AI” – unmanaged AI usage within organizations. This can lead to uncontrolled vulnerabilities, data leaks, and compliance violations. However, AI also offers solutions, from discovering shadow AI to enabling semantic code analysis and AI red teaming. Effective strategies include implementing guardrails, hardening code, and securing APIs. The key is balancing AI’s potential with proactive security measures to navigate this evolving landscape.Read All