Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across ...

Magecart hides payload in favicon EXIF via third-party scripts, bypassing static analysis and stealing checkout data at ...

For years, software security focused on the final product: the code that ships. Today, attackers are increasingly targeting ...

Cybersecurity stocks dropped up to 11% on February 23, 2026, after Anthropic launched Claude Code Security. The AI-powered ...

The people who keep open-source software running and secure are being flooded with reports from an unlikely source: autonomous AI agents. Why it matters: Open-source software is the foundation of the ...

Pharma giant AstraZeneca appears on Lapsus$ hacker blog with claims of stolen source code, AWS keys, and employee data ...

Open-source dependencies introduce hidden risks, from transitive vulnerabilities to supply chain attacks. Learn how to reduce ...

OpenAI is rolling out Codex Security, an AI-powered application security agent that finds, validates and proposes fixes for vulnerabilities. Why it matters: OpenAI is entering a growing market for ...

Anthropic's new AI tool, Claude Code Security, scans for code vulnerabilities, prompting a multi-billion dollar stock market crash in the cybersecurity sector. While existing scanners use pattern ...

IT and security leaders should install latest patches from the application delivery and security vendor after suspected nation-state hack. CSOs with equipment from F5 Networks in their environment ...

India’s proposal to require smartphone makers to share source code with the government and make several software changes as part of a raft of security measures has prompted behind-the-scenes ...

An RTI reveals what happened when the government met smartphone makers over source code access. Here’s what emerged.