Aqua Security’s Trivy vulnerability scanner was compromised in a supply chain attack, leading to information-stealing ...

Cybersecurity stocks dropped up to 11% on February 23, 2026, after Anthropic launched Claude Code Security. The AI-powered ...

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

New release integrates automated security scanning, AI-powered remediation, and GitHub-native workflows for enterprise ...

Codex Security, formerly Aardvark⁠, has found hundreds of critical vulnerabilities in tested software in the past month.

Hosting service GitHub has added a new feature to automatically set up code scanning on repositories. Called 'default setup,' the novel capability simplifies starting ...

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...

Companies have increased the cadence of application-security testing — with triple the number of applications scanned and 20 times more scans per application — compared to a decade ago, according to ...

As decentralized applications continue to grow in the blockchain environment, Smart Contract Vulnerability Scanning has become a core concept for building trust in decentralized finance and Web3.

Exploit code has been released for a serious code-execution vulnerability in Log4j, an open source logging utility that’s used in countless apps, including those used by large enterprise organizations ...