Play Store blocks users in Russia from purchasing or updating paid apps

Google is blocking users in Russia from purchasing or updating paid applications as the fallout continues from the country’s invasion of Ukraine.

The company paused billing for Russian users on 10 March 2022 due to sanctions imposed on the country. That decision impacted new app purchases, as well as in-app purchases and subscription payments.

However, Google has now updated its policy and says that it is “blocking the downloading of paid apps and updates to paid...

As demand for enterprise apps booms, agility can be found in low-code solutions

For the modern business, the ability to adapt to rapidly shifting changes within your industry, supply chain and workforce is crucial to long-term success. How quickly a business can pivot to make the most of trends and adapt to changing circumstances is made easier by embracing digital transformation and seeking out tools to make your business more flexible and scalable and therefore more effective, sustainable and profitable. 

As Gartner predicts that low-code will account...

Spring4Shell vulnerability could have ‘a larger impact’ than Log4j

A newly-discovered zero-day vulnerability known as Spring4Shell could have “a larger impact” than Log4j.

Log4j made waves in recent months as the vulnerability in the popular open-source logging library enabled attackers to break into systems, steal passwords and logins, extract data, and infect networks with malicious software.

However, attention is now shifting to the Spring4Shell exploit.

Spring4Shell is a zero-day remote code execution (RCE)...

Apps will soon need to be submitted to the App Store using Xcode 13

Apple has reminded developers that apps will soon need to be submitted to the App Store using Xcode 13.

From 25 April 2022, Apple will only accept the submission of apps that are built using the latest version of its IDE.

“iOS, iPadOS, and watchOS apps submitted to the App Store must be built with Xcode 13, which includes the SDKs for iOS 15, iPadOS 15, and watchOS 8,” wrote Apple on its developer site.

Apple goes on to tout how Xcode 13 enables developers...

Microsoft sets out to woo regulators with ‘Open App Store Principles’

Microsoft is getting ahead of potential new laws governing app stores by announcing its Open App Store Principles.

Last week, Developer reported on Apple’s latest fight against such legislation after the company sent a letter to US lawmakers urging them to reject S. 2710—a bill that would force Apple to open its notorious “walled garden” and enable the sideloading of apps.

Microsoft has managed to avoid being the focus of high-profile antitrust investigations in...

GitHub incentivises open-source investments with sponsor-only repos

GitHub is launching private repositories that only sponsors have access to, helping to incentivise open-source investments.

Open-source mostly relies on developers voluntarily giving up their time to build and improve projects. Priority is naturally given to work that helps to keep a roof over their heads and food on the table—meaning that open-source projects can be underdeveloped at best or be left with devastating vulnerabilities at worst.

A growing number of...

App Store apps can now be published as ‘unlisted’

Apple has announced that apps can now be published as "unlisted" to the App Store.

Apps that are unlisted will only be accessible via a direct link and cannot be discovered through a typical search, categories, recommendations, or chart position.

Here are a couple of provided examples where an unlisted app could be useful:

Limited audiences (such as part-time employees, franchisees, partners, business affiliates, higher-education students, or conference attendees)...

Open-source can play a critical role in tackling the UK’s developer shortage

It is no secret that developers have never been more in demand. According to a recent analysis, the shortage of “programmers and software development professionals” only ranks behind HGV drivers and nurses as the occupation where worker shortages are most acute in the UK.

The sheer pace of digital transformation across every industry means the demand for developer talent continues to outstrip supply at a rapid rate – and the situation shows no sign of abating. Just about...

Rust vulnerability enables attackers to delete files and directories

Maintainers of the Rust programming language have warned of a critical vulnerability that enables attackers to delete files and directories.

In a security advisory, the Rust Security Response Working Group wrote:

“The Rust Security Response WG was notified that the std::fs::remove_dir_all standard library function is vulnerable to a race condition enabling symlink following (CWE-363).

An attacker could use this security issue to trick a privileged program into...

Software supply chain attacks increased over 300% in 2021

We all knew there was an increase in software supply chain attacks in 2021, but a new study has quantified just how bad things got.

Argon Security – recently acquired by Aqua Security – published the latest edition of its annual Software Supply Chain Security Review this week.

The headline stat from Argon’s report that software supply chain attacks grew by more than 300 percent in 2021 compared to 2020.

Eran Orzel, Senior Director of Argon Customer...