News

Developers Beware: Slopsquatting & Vibe Coding Can Increase Risk of AI-Powered Attacks
Slopsquatting and vibe coding are fueling a new wave of AI-driven cyberattacks, exposing developers to hidden risks through ...
LLMs can't stop making up software dependencies and sabotaging everything
The rise of LLM-powered code generation tools is reshaping how developers write software - and introducing new risks to the software supply chain in the process. These AI coding assistants, like large ...
Security Boulevard1d
NIST’s adversarial ML guidance: 6 action items for your security team
The National Institute of Standards and Technology’s latest guidance, on how to secure artificial intelligence (AI) ...
LinuxInsider4d
Open Source Security at Risk From Poor Oversight
As attacks grow more sophisticated, the open-source community is racing to close critical security gaps and stop malicious ...
GitGuardian Launches NHI Governance: Bringing Order to the Chaos of Non-Human Identity Security
NHI Governance delivers unified visibility and control over secrets in complex environments, addressing critical security ...
Chinese snoops use stealth RAT to backdoor US orgs – still active last week
A cyberspy crew or individual with ties to China's Ministry of State Security has infected global organizations with a remote ...
GovInfoSecurity4h
Whistleblower Complaint Exposes DOGE Cybersecurity Failures
A whistleblower complaint made public this week provides the most in-depth look yet at the Department of Government ...
Infosecurity Magazine3d
North Korean Hackers Exploit LinkedIn to Infect Crypto Developers with Infostealers
Posing as potential employers, Slow Pisces hackers conceal malware in coding challenges sent to cryptocurrency developers on ...
The Silent Security Crisis In AI’s Code Gold Rush—And How To Fix It
The future belongs to those who wield AI’s power responsibly. Let’s build it—one secure line of code at a time.
GitHub3d
Do your part to secure the open source supply chain
It’s not a matter of if, but when. Now, let’s dig into a specific open source supply chain attack to help paint the picture of how these attacks work. We want to hear from you! Join us on GitHub ...