TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials
Two more GitHub Actions workflows have become the latest to be compromised…
Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets
Trivy, a popular open-source vulnerability scanner maintained by Aqua Security, was compromised…
UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours
Ravie LakshmananMar 11, 2026DevSecOps / AI Security A threat actor known as…
OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues
Ravie LakshmananMar 07, 2026DevSecOps / Artificial Intelligence OpenAI on Friday began rolling…
Anthropic Launches Claude Code Security for AI-Powered Vulnerability Scanning
Ravie LakshmananFeb 21, 2026Artificial Intelligence / DevSecOps Artificial intelligence (AI) company Anthropic…
How AI Collapses Your Response Window
We’ve all seen this before: a developer deploys a new cloud workload…
npm’s Update to Harden Their Supply Chain, and Points to Consider
The Hacker NewsFeb 13, 2026Supply Chain Security / DevSecOps In December 2025,…
ZAST.AI Raises $6M Pre-A to Scale “Zero False Positive” AI-Powered Code Security
The Hacker NewsFeb 10, 2026Application Security / Artificial Intelligence January 5, 2026,…
Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows
Ravie LakshmananFeb 05, 2026Workflow Automation / Vulnerability A new, critical security vulnerability…