GitHub adds AI-powered bug detection to expand security coverage

GitHub is adopting AI-based scanning for its Code Security tool to expand vulnerability detections beyond the CodeQL static analysis and cover more languages and frameworks.

GitHub to use Copilot interaction data for AI model training

GitHub Copilot already ruffled feathers when it first arrived. and now it's going to use your interactions with it to train ...
SecurityWeek

From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI

The hackers compromised GitHub Action tags, then shifted to NPM, Docker Hub, VS Code, and PyPI, and teamed with Lapsus$.
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide. This analysis walks through the Trivy supply‑chain compromise, attacker ...
TMCnet

New Diffblue Testing Agent Automatically Generates Comprehensive Regression Test Suites To Derisk Application Modernization

Diffblue today announced the general availability of the Diffblue Testing Agent, an autonomous regression test generator that works with an enterprise's existing AI coding platform - GitHub Copilot, ...
WinBuzzer

Anthropic Shows How to Scale Claude Code with Subagents and MCP

Anthropic has detailed advanced Claude Code patterns for subagent orchestration, MCP tool integrations, and context ...
The Tech Portal

OpenAI to acquire Python tools startup ‘Astral’ to expand Codex capabilities

OpenAI has announced an agreement to acquire Astral, a developer-focused startup known for building high-performance tools in the ...