CLI-Anything generates SKILL.md files that AI agents trust and execute. Snyk found 13.4% of agent skills contain critical ...

Sometime on March 19, 2026, a poisoned version of the open-source security scanner Trivy slipped into automated build ...

Every time a developer types npm install, they are placing a bet that the package they are pulling into their project is not laced with malicious code. In 2025, those odds got significantly worse.

Israeli cybersecurity startup Seal Cybersecurity Solutions Inc. today revealed that it has raised $13 million in new funding to accelerate its go-to-market efforts and expand its core vulnerability ...

CERT-EU has attributed a major data breach at the European Commission to cybercrime group TeamPCP, which exploited a supply chain attack on the open-source security tool Trivy to steal 92 GB of ...

The danger in the code came from characters that are invisible to the human eye. In early March researchers at several security firms examined what looked like empty space and found hidden Unicode ...

Open source components continue to cause huge problems for security practitioners, and AIxCC was created to determine whether automation could help close the gap. At DEF CON 33, DARPA announced the ...

The mean number of open-source vulnerabilities per codebase doubled in the past year, according to the annual Black Duck Open Source Software and Risk Analysis (OSSRA) report released Wednesday. The ...

First discovered in October, GlassWorm employs undisplayable Unicode characters to make malicious code invisible to code editors in VS Code environments. The worm has also now wriggled its way into ...

Windows networking and authentication components, including four critical remote code execution bugs patched in this month’s ...