Optus breach is a wake-up call for secure coding practices

A “coding error” in Optus Mobile's systems led to a massive data breach affecting over nine million customers, sparking a lawsuit from the Australian Communications and Media Authority (ACMA).

The case, filed under number VID429/2024 in the Federal Court of Australia, highlights the severe consequences of software vulnerabilities in large-scale systems.

The breach, which affected over nine million Optus users, was caused by a seemingly simple coding error—a stark...

Sauce Labs exposes some developers’ risky habits

A survey by Sauce Labs of 500 US-based developers has put the spotlight on some concerning practices.

One alarming discovery was the tendency of developers to push code to production without adequate testing. 67 percent of respondents admitted to this practice, jeopardising software quality, user experience, and system stability.

Additionally, 68 percent confessed to merging their own pull requests without review—raising concerns about potential security...

Why faster developer feedback time is getting important and how enterprises are accelerating it

“No matter how embedded your brand is in customers’ lives today, if you stop meeting their expectations, it’s easy for them to switch to a competitor tomorrow. ”

- Forrester’s Best Practice Report titled ‘Optimize Your Digital Experience To Compete For Customers’

Innovation cycles for digital businesses have become shorter. Period. There’s no hiding from this truth. New-age digital-first customers have a variety of options at their fingertips. With a...

10 best practices to get the most out of test automation

Have you tried eating nuts in the shell? If yes, I guess it was not a very successful experience. Although everyone knows that nuts are very healthy and nutritious. Paradoxically, many companies implement test automation without looking at the nuances. Everyone knows that it is good for business (just like nuts for our body!). However, if you do not follow certain approaches, you can lose some of the benefits of automation. To avoid this, we have collected 10 best practices for test...

Travis CI flaw exposed thousands of open-source projects’ secrets

A flaw in popular software testing tool Travis CI exposed the secrets of thousands of open-source projects.

Travis CI is a hosted continuous integration service used to build and test software projects hosted on GitHub and Bitbucket.

For at least a week – between 3-10 Sept – open-source repos that used Travis CI had their keys, credentials, and tokens exposed.

Ethereum developer Felix Lange discovered a flaw with how Travis CI handled environmental...

Perforce acquires AI-based mobile testing experts 21 Labs

Enterprise development solutions provider Perforce has acquired the AI-based mobile testing experts at 21 Labs.

The acquisition will bolster Perforce’s existing portfolio of solutions for the enterprise development lifecycle with powerful testing capabilities.

21 Labs’ self-learning, AI-based mobile automation testing tool helps businesses to deploy quality iOS and Android apps faster.

Shani Shoham, CEO and Founder of 21 Labs, said:

“Together,...

Codecov breach prompts fears of another SolarWinds-style hack

A hack impacting software testing firm Codecov is expected to have resulted in hundreds of networks being compromised, prompting fears of a fallout similar to the recent SolarWinds attack.

Codecov has over 29,000 customers including companies such as IBM, Proctor & Gamble, Hewlett Packard Enterprise, Atlassian, Washington Post, and GoDaddy. The potential scale of the attack has led to a federal investigation.

"We are aware of the claims and we are investigating...

Featured: Developer’s list of innovative companies to watch in 2021

Governments may not have classed developers as “essential workers” during the pandemic, but we know they are.

The companies in our most innovative companies list for 2021 are helping developers to deliver the full potential of their visions quickly which, in turn, is often helping end-users in ways that can’t be understated.

In alphabetical order:

Appery

Appery’s mission is to “accelerate your mobile innovation” and its low-code app...

Corellium enables iOS device virtualisation on individual accounts

Security research firm Corellium has enabled the virtualisation of iOS devices on individual accounts.

Corellium won a lawsuit filed against it by Apple in December which led to this week’s policy change.

In the lawsuit, first filed in 2019, Apple alleged Corellium's virtualisation violated copyrights relating to iOS, iTunes, and UI. However, the court ruled in Corellium’s favour after deeming the company’s virtualisation comes under fair use.

Virtual iOS...