GitHub is adopting AI-based scanning for its Code Security tool to expand vulnerability detections beyond the CodeQL static analysis and cover more languages and frameworks. The developer ...

In today’s digital-first world, cybersecurity and cloud automation have become the backbone of modern IT infrastructure.

GitHub has just announced the availability of custom images for its hosted runners. They've finally left the public preview ...

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, repositories, and extensions on GitHub, npm, and VSCode/OpenVSX extensions. Evidence ...

Anthropic launched Mythos and Project Glasswing days after a Claude Code leak exposed source files and caused a GitHub ...

Overview On March 31, NSFOCUS CERT detected that the npm repository of the HTTP client library Axios was poisoned by the supply chain. The attacker bypassed the normal GitHub Actions CI/CD pipeline of ...

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Overview On March 11, NSFOCUS CERT detected that Microsoft released the March Security Update patch, which fixed 83 security issues involving widely used products such as Windows, Microsoft Office, ...

Two key Democratic lawmakers warned that the Trump administration’s first approval for exports of Nvidia Corp.’s H200 AI chips to China risks harming US national security and called for bipartisan ...

Y Combinator’s famed CEO Garry Tan told a SXSW audience that he’s got “cyber psychosis” and is barely sleeping because he’s so excited to be working with AI agents. “I sleep, like, four hours a night ...

Canonical has just released the beta of the next Ubuntu LTS – but what's grabbed the attention of many is that it features ...