Part of the SD Times 100 2026 series. See the full SD Times 100 2026 list for every category and honoree. Application security has spent years maturing around a relatively stable assumption: a human ...
The software industry has spent years learning that open-source packages can carry hidden risk. The OpenClaw incident shows why artificial intelligence agents may raise the stakes. According to ...
VulNow B.V., a predictive software supply chain risk intelligence platform, today announced its formal appointment as a CVE™ (Common Vulnerabilities and Exposures) Numbering Authority (CNA) under the ...
This month’s updates help security and IT teams strengthen identity and multicloud foundations, protect data wherever it ...
Chainguard is expanding Repository with new policy controls, malware and greyware scanning, and support for Java, Python, and container artifacts, helping organizations govern software consumption ...
"Facial recognition technology and biometric surveillance have no place in the Castro," Norman posted on June 17 on social ...
Deloitte, IBM, and Red Hat today announced a collaboration to help protect the software supply chain against increasingly automated cyber threats. Deloitte joins the initiative as an integration ...
When AI-assisted vulnerability discovery makes it dramatically easier to identify weaknesses hidden inside modern dependency ...
Cordyceps, a systemic class of exploitable CI/CD vulnerabilities, allows unauthenticated attackers to hijack developer ...
Researchers found Cordyceps CI/CD flaws affecting 300+ repositories, enabling code execution, credential theft, and supply ...
GitHub shipped /security-review — a dedicated slash command for GitHub Copilot CLI — on Wednesday, putting AI-driven vulnerability scanning inside the terminal for the first time as an experimental ...
Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code ...