Open VSX bug misread scanner failures as clean results, letting malicious VS Code extensions go live before patch in v0.32.0.

AI-assisted code speeds development, but introduces vulnerabilities at an alarming rate. Waratek IAST reports flaws ...

The Lapsus$ extortion group has claimed the theft of 3GB of data from AstraZeneca, including internal code repositories and ...

Ransomware criminals exploited CVE-2026-20131, a maximum-severity bug in Cisco Secure Firewall Management Center software, as ...

Oracle WebLogic operators are under pressure to close a critical security gap after attackers began probing and exploiting a newly disclosed flaw on the same day public exploit code appeared, ...

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...

Aqua Security’s Trivy vulnerability scanner was compromised in a supply chain attack, leading to information-stealing ...

New AI-powered scanner -- who-touched-my-packages -- detects zero-day malicious packages and credential exfiltration in seconds BOSTON, March 26, 2026 /PRNewswire/ -- Point Wild, a leading global ...

If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ ...

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...

Last week, Anthropic reported successes of its AI vulnerability scanner based on Claude Opus 4.6, stating it had discovered more than 100 security vulnerabilities in Firefox. OpenAI is not letting ...