The Hacker News

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across developer systems.

Widely used Trivy scanner compromised in ongoing supply-chain attack

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...
Microsoft

CTI-REALM: A new benchmark for end-to-end detection rule generation with AI agents

CTI-REALM is Microsoft’s open-source benchmark that evaluates AI agents on real-world detection engineering. It measures whether an agent can take cyber threat intelligence (CTI) and produce validated ...

Building Apps with Google Antigravity & Firebase, Step by Step

Google Antigravity with Gemini 3.1 pairs with Firebase to easily build apps with sandbox payments, webhook verification and ...

2026 Security Validation Report: Neev Data’s SaaS Platform Achieves Best-in-Class RAV Score in Independent Pen Test

Independent OSSTMM penetration testing by a Swiss security firm confirms Best-in-Class RAV score for Neev’s next gen ...

Meta's rogue AI agent passed every identity check — four gaps in enterprise IAM explain why

A rogue AI agent at Meta exposed sensitive internal data despite passing every identity check. Here are the four post-authentication gaps in enterprise IAM that made it possible — and the governance ...