Subscribe to the Kusari monthly newsletter

The Kusari Edge

February

2025

ICYMI: Noteworthy Headlines 🗞️

Deactivate those expired AWS S3 buckets; tidy up to avoid a major issue
Cybercriminals continue to go after JavaScript (npm) and Python (PyPI): malware impersonated DeepSeek and stole private keys, deleted data
End of life creates security risks too – make a plan to migrate from these 12 critical open source projects losing security support in 2025
DeepSeek arrived and was welcomed with a malicious attack

Latest from Kusari

Keeping health data local and private reduces risks, but not all medical devices follow suit; some contain undocumented backdoors
Pinning dependencies is an essential best practice to lock down risks
We support Linux Foundation Europe and OpenSSF on their global cybersecurity legislation preparedness initiative

Upcoming Events 📣

Our team will be at the New York Cybersecurity Summit on March 6; come see us

What’s up with GUAC? 🥑

Did you miss something in GUAC’s busy 2024? Catch up in a few minutes with the year-in-review
GUAC added support for reporting via OpenTelemetry; read the v0.13.0 release announcement to learn more
2025 is off to a great start; check out the January update to see why

Resource of the Month ⚒️

SBOMs can get complex; sometimes it helps to visualize your SBOM

‍