Software security testing outfit Checkmarx has become the latest organization caught up in an ongoing attack on security-tool providers. The biz said data posted online appears to have come from one ...

In today's security landscape, some of the most dangerous vulnerabilities aren't flagged by automated scanners at all. These ...

Claude Mythos’ April 7 launch accelerates vulnerability discovery, but limited access and rising false positives strain ...

Three supply chain attacks hit npm, PyPI, and Docker Hub between April 21–23, 2026. All three targeted secrets: API keys, cloud credentials, SSH keys, and tokens from developer environments and CI/CD ...

CVE-2026-33626 exploited within 13 hours of disclosure, enabling SSRF-based cloud credential theft and internal scanning.

Accelerated use of AI in software development is rapidly altering the scope, skills, and strategies involved in securing code ...

Attackers published a malicious command-line version of the popular open-source password manager to the npm registry and may ...

The CS2 skin market is evolving fast — with new scam tactics, fresh security features, and trading limits reshaping how players buy, sell, and protect their items. From phishing links to API hijacks, ...

Coordinated AI Agents Deliver a Unified Five-Stage Quality Pipeline, Free and Open Source Under Apache 2.0 License ...

Here''s a scenario that might sound familiar. A company spends months rolling out a robust cloud security stack. CSPM tools?

Cisco's Jeetu Patel says the gap between piloting and shipping AI agents comes down to trust architecture — and that closing ...

Check Point researchers have found that popular AI coding assistants are unintentionally leaking sensitive internal data, ...