Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across ...

Attackers have hijacked 75 of 76 GitHub Actions tags for Aqua Security's Trivy scanner, distributing credential-stealing ...

Cortex 3.0 delivers AI-powered code generation, vulnerability scanning, Enterprise AI & DevSecOps integrations, ...

Cloud environments are dynamic by design. New identities are created, policies adjusted, and workloads deployed or retired several times a day. Yet many organizations continue to rely on scanning and ...

Open VSX bug misread scanner failures as clean results, letting malicious VS Code extensions go live before patch in v0.32.0.

IT researchers have identified a supposedly critical zero-click vulnerability in Telegram. Telegram disputes this.

Unpatched Apple devices remain exposed to Sploitlight, a macOS flaw that allows unauthorized access to private user data despite security measures. encryption truecrypt secure storage Apple patched a ...

Update, May 11, 2025: This story, originally published May 9, has been updated with more details on the move towards greater cloud Common Vulnerabilities and Exposures (CVE) transparency by both ...

State and local government IT teams face a constant flood of vulnerability alerts. With tens of thousands of new common vulnerabilities and exposures (CVEs) published every year, security teams must ...

Microsoft Systems administrators everywhere, it looks like you get a Patch Monday as a side dish to the usual Patch Tuesday this week. There's a full remote code vulnerability (RCE) exploit for ...

A critical web security flaw on Co-operative Bank of Kenya’s website has been exposed, revealing sensitive database ...