The Hacker News

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across ...
InfoWorld

Postman API platform adds AI-native, Git-based workflows

Looking to accelerate API development via AI, Postman has added AI-native, Git-based API workflows to its Postman API platform. The company also introduced the Postman API Catalog, a central system of ...
heise online

Postman becomes Git-native and gears up for AI agents in API development

API toolmaker Postman has unveiled a fundamentally revised version of its development platform. The update makes the application completely Git-native and introduces new functions with Agent Mode and ...
Crypto Briefing

Zerion API now supports x402 payments on Base

Zerion API integrated the x402 protocol. Any AI agent with a crypto wallet can now make an API call, pay 0.01 USDC on Base, ...

Widely used Trivy scanner compromised in ongoing supply-chain attack

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...

Betterleaks, a new open-source secrets scanner to replace Gitleaks

A new open-source tool called Betterleaks can scan directories, files, and git repositories and identify valid secrets using ...

TeamPCP hackers deface Aqua Security's internal GitHub

Aqua Security is scrambling to recover from supply chain attacks that first compromised the vendor's Trivy vulnerability ...

How Claude Code's new auto mode prevents AI coding disasters - without slowing you down

Anthropic's middle-ground mode aims to reduce interruptions while protecting developers from destructive commands. Here's why ...
New Scientist

Security credentials inadvertently leaked on thousands of websites

Researchers identified nearly 10,000 websites where API keys could be found, exposing details that could let attackers access ...
The Hacker News

Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper

Trivy supply chain attack pushed malicious Docker images on March 22, enabling credential theft and worm spread, impacting ...

ClawSecure: The Only Complete Security Solution for OpenClaw Agents

While competing tools address fragments of OpenClaw security, ClawSecure is the only platform combining scanning, ...