Spread the loveThe cybersecurity landscape has been shaken by a significant supply chain attack involving the popular Trivy vulnerability scanner, a tool widely used in DevOps environments. Developed ...

GitLab Inc., the intelligent orchestration platform for DevSecOps, today released GitLab 18.10, making it easier and more ...

If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ Trivy maintainer says.

Chainguard is expanding beyond open-source security to protect open-core software, AI agent skills, and GitHub Actions.

Vibe coding apps ship with alarming security flaws. What founders need to know about AI-generated code vulnerabilities in ...

New agent proactively installs Seal's remediation component on new projects, validates fixes through automated testing, and routes final approval to a human - enabling teams to remediate open source ...

Corridor, the security platform built for AI-native software development, has raised a $25 million Series A at a $200 million valuation, led by Felicis, with participation from Conviction, Timeless, ...

Magecart hides payload in favicon EXIF via third-party scripts, bypassing static analysis and stealing checkout data at runtime.

Unlike traditional SAST, code scanners or pen testers, Xint Code uses multi-LLM reasoning and orchestration for human-like contextual understanding, identification and prioritization of hidden ...

Mondoo, the pioneer in agentic vulnerability management, today announced the Mondoo Agentic Managed Vulnerability Service, a new expert-led offering that moves organizations from endless scanning and ...

Open-source projects form much of the foundation of modern software, with many systems used in the industry relying on code written and maintained by volunteers or small teams. Those maintainers often ...

Offensive cybersecurity firm Theori Inc. today announced the commercial availability of Xint Code, a new large language model ...