5d
OpenSSF Notes Quarter of Growth with New Members, Added AI Security Resources, and Growing Community
The Open Source Security Foundation (OpenSSF), a cross-industry initiative of the Linux Foundation focused on sustainably ...
The four C&C channels used by GlassWorm, the botnet targeting open source software developers, have been disrupted.
Iranian government-linked hackers sabotaged the computer infrastructure of Los Angeles’s transit system by using access to a ...
Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to ...
Demand for security engineers has surged as artificial intelligence generates a glut of new code and models like Anthropic’s Mythos create new concerns.
The OWASP-backed tool scans JavaScript and TypeScript lockfiles locally, aiming to help developers catch and remediate dependency risks before CI failures.
A GitHub employee installed a routine VS Code extension update, handed cybercrime group TeamPCP enough access to exfiltrate ...
The Shai-Hulud supply-chain malware campaign is exploiting the automated systems developers trust to publish software safely.
Hadrian today released OpenHack, a tool for AI-powered source code review that delivers high-quality results at a fraction of the cost ...
GitHub has contained a breach involving unauthorized access to thousands of internal repositories, allegedly linked to a ...
Researchers say the campaign abused compromised access tokens and deploy keys to inject malicious GitHub Actions workflows ...
GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results