GitHub pulled 73 Microsoft repositories offline after the self-replicating Miasma worm weaponized IDEs and AI coding tools to harvest developer credentials.
OpenAI’s Daybreak Challenges Anthropic in AI Cybersecurity Race
OpenAI has moved deeper into enterprise cybersecurity with the launch of Daybreak, a platform that identifies software vulnerabilities, validates fixes, and speeds up patching workflows using AI models and its Codex Security system. Daybreak places OpenAI more directly in competition with Anthropic, whose Project Glasswing and Claude Mythos models also offer dual-use AI systems built […]
Cyber Threats to DevOps Platforms Rising Fast, GitProtect Report Finds
The number of incidents targeting DevOps platforms grew 21% in 2025, but the amount of downtime jumped almost 95%, the security firm said.
Latest Typosquatting Attack Targeting VS Code Tools Hits Windsurf IDE
Cybersecurity researchers from Bitdefender, a provider of an endpoint detection and response (EDR) platform, have discovered an extension to the Windsurf integrated development environment (IDE) that steals credentials and data after code is downloaded from the Solana blockchain platform. Silviu Stahie, a security analyst for Bitdefender, said the extension makes use of typosquatting tactics to […]
OpenAI Bolsters AI Coding with Acquisition of Python Toolmaker Astral
OpenAI announced Thursday that it has reached an agreement to acquire Astral, the startup behind some of Python community’s most popular open-source developer tools. The acquisition marks further escalation in the rapidly evolving artificial intelligence (AI)-assisted development market, which has led to a coding war between OpenAI and its primary rivals, including Anthropic and the […]
Tool Fragmentation is Breaking Delivery Context — Here’s What Teams are Learning
Explore the emerging crisis in application delivery caused by tool fragmentation in modern software development. This article discusses the need for semantic interoperability, context preservation, and a shift from linear pipelines to graph-based architectures to enhance efficiency and reduce cognitive load for developers
Secrets Management Failures in CI/CD Pipelines
Explore the critical role of secrets management in CI/CD pipelines and its impact on cybersecurity. This article highlights the risks of credential exposure, the importance of implementing strong security practices, and how organizations can ensure robust defenses against breaches and supply chain attacks.
Bridging the Dev–Security Gap With Smarter Authorization
Software teams have always lived with a built-in tension – developers push to ship fast, while security teams pump the brakes to assess risk. Now, with AI flooding the enterprise, that friction is spiking. One recent survey found a staggering 322% jump in privilege-escalation risks tied to AI-generated code. The root problem isn’t new – […]
Your AI Agents Have a Blind Spot: What DevOps Teams Need to Know About Cross-LLM Security
Explore the challenges of AI agents in DevOps pipelines, highlighting the importance of model-aware detection to improve security and reduce vulnerabilities.
Crates.io Removes Malicious Rust Package Targeting Web3 Developers
A malicious Rust package that was found to be downloading payloads aimed at stealing cryptocurrency was removed from the crates.io Rust package registry, along with another package by the same author that appeared benign but was dependent on the first. The crates.io team removed both packages this week after security researchers with Socket alerted it […]
- 1
- 2
- 3
- …
- 10
- Next Page »