Unidentified threat actors have successfully compromised the GitHub repository for “all-in-one” security scanner Trivy, ...
If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ ...
Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across ...
Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...
Xint Code Demonstrates Human-like Discovery and Prioritization of Business Logic Vulnerabilities, Analyzing Millions of Code ...
Unlike traditional SAST, code scanners or pen testers, Xint Code uses multi-LLM reasoning and orchestration for human-like contextual understanding, identification and prioritization of hidden ...
Open-source projects form much of the foundation of modern software, with many systems used in the industry relying on code ...
Shai-Hulud 2.0 exploited CI/CD pipelines in 2025, exposing shift-left flaws and driving curated catalogs to reduce CVE risk ...
Offensive cybersecurity firm Theori Inc. today announced the commercial availability of Xint Code, a new large language model ...
A new open-source tool called Betterleaks can scan directories, files, and git repositories and identify valid secrets using ...
Can free AI scanners replace enterprise SAST? Anthropic and OpenAI found 500-plus zero-days pattern-matching tools missed — and both scanners are free.
Codex Security, formerly Aardvark, has found hundreds of critical vulnerabilities in tested software in the past month.