News | Checkmarx Application Security


Your one stop for the latest application security articles, stories, and trends. Stay on top of the news and know what’s happening, both at Checkmarx and in the industry at large.


This is how I convinced the CEO of Salesforce to invest in our startup
September 12, 2022

Checkmarx consistently challenges the boundaries of application security, to make application security easy and natural for the software developer community; and at the same time give CISOs the ability and... Read More

JuiceLedger Hacker Linked to First Phishing Campaign Targeting PyPI Users
September 2, 2022

A new advisory by SentinelLabs and Checkmarx has linked a threat actor called ‘JuiceLedger’ to the first known phishing campaign targeting Python Package Index (PyPI) users. Read More

Actors behind PyPI supply chain attack have been active since late 2021
September 1, 2022

The official software repository for the Python language, Python Package Index (PyPI), has been targeted in a complex supply chain attack that appears to have successfully poisoned at least two legitimate... Read More

The security flaw that Python developers should be aware of
August 29, 2022

Security firm Checkmarx found that one in three software packages from PyPI contains a flaw that can lead to malicious code being automatically installed. Read More

RING OF FIRE: Millions of Ring doorbell owners warned of ‘high severity’ bug – check your app now
August 23, 2022

A 'HIGH severity' app blunder put Ring doorbell video recordings at risk, it's been revealed. Tech giant Amazon quietly updated the Ring app for Android in May to fix the security slip-up. Read More

Amazon’s Ring Patches Flaw That Could’ve Let Hackers Access Camera Footage
August 18, 2022

Earlier this year, security researchers uncovered a way to access a customer’s Ring security camera footage by hacking the Android app for the service. On Thursday, cybersecurity vendor Checkmarx disclosed(Opens in a new... Read More

Amazon Ring vulnerability could have been used to spy on users
August 18, 2022

Amazon has patched a vulnerability in the Ring Android application which, left unchecked, had the potential to expose the personal data of Ring product owners, including their video recordings and location data,... Read More

Ring patched an Android bug that could have exposed video footage
August 18, 2022

Amazon quietly but quickly patched a vulnerability in its Ring app that could have exposed users' camera recordings and other data, according to security firm Checkmarx. Read More

Amazon’s Ring quietly fixed security flaw that put users’ camera recordings at risk of exposure
August 18, 2022

Amazon-owned Ring quietly fixed a “high-severity” security vulnerability in May that could have allowed malicious actors to access camera recordings from Ring video doorbells and extract users’ personal data. Read More

Black Hat 2022 Reveals Enterprise Security Trends
August 15, 2022

The blast radius of cyberattacks on an enterprise is projected to keep growing, extending several layers deep into software supply chains, devops and tech stacks. Black Hat 2022’s presentations and announcements for enterprise security provide a sobering look at how enterprises’ tech stacks are at risk of more complex, devastating cyberattacks. Held last week... Read More

Top cybersecurity products unveiled at Black Hat 2022
August 11, 2022

Zero trust security management, extended detection and response (XDR), and a host of other threat and vulnerability management offerings were among the top products and services launched at Black Hat USA 2022 this week in Las Vegas. Read More

Checkmarx API Security identifies shadow and zombie APIs during software development
August 11, 2022

In Las Vegas, at Black Hat USA 2022, Checkmarx has released Checkmarx API Security, the “shift-left” API security solution. Building on the launch of Checkmarx Fusion, which prioritizes and correlates vulnerability data from... Read More

35K Malicious Code Insertions in GitHub: Attack or Bug-Bounty Effort?
August 4, 2022

A hacker going by the handle "Pl0xP" cloned a large number of GitHub repositories and slightly changed the cloned repository names, in a typosquatting effort to impersonate legitimate projects —... Read More

Cybersecurity Startups Make Waves at RSAC 2022
June 9, 2022

RSA Conference 2022 showcased cybersecurity startups vying for a foothold in the crowded market. Here’s a roundup of the top announcements. Read More

Checkmarx Fusion Released
June 8, 2022

Checkmarx announced the availability of Checkmarx Fusion, a context-aware correlation engine that enables full visibility into applications, component interactions, and bills of materials. Read More

Hottest new cybersecurity products at RSA 2022
June 8, 2022

The annual RSA Conference is an opportunity for companies to showcase their latest cybersecurity products. Here are some of the most interesting new products being shown at RSA Conference 2022. Read More

2022 Women of the Channel Awards 
May 10, 2022

This year, CRN honors nearly 1400 women whose channel expertise and vision are deserving of recognition. The Most Powerful Women Of The Channel 2022: Power 100 > The Power 100 is culled from the ranks of CRN’s Women of the Channel and spotlights the female executives at vendors and distributors... Read More

DevSecOps: como integrar desenvolvimento, segurança e operações? 
May 10, 2022

O cenário da infraestrutura de TI passou por mudanças exponenciais na última década. A migração para plataformas ágeis de computação em nuvem, armazenamento, dados compartilhados e aplicativos dinâmicos trouxe enormes... Read More

Checkmarx Report Highlights Need for AppSec Collaboration 
May 9, 2022

A research report published by Checkmarx finds the same basic malicious software developed using multiple programming languages as cyberattackers industrialize their malware development processes. Read More

World Password Day helps to raise security awareness 
May 5, 2022

The death of the password is something that has been predicted for a very long time. But the venerable means of securing our accounts still clings tenaciously to life. Today's World Password Day is designed to raise awareness of the continued importance of passwords and the need -- where we do still... Read More

Skip to content