Dark Reading

Claude Source Code Leak Highlights Big Supply Chain Missteps

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.
Bleeping Computer

Apiiro unveils free scanner to detect malicious code merges

Security researchers at Apiiro have released two free, open-source tools designed to detect and block malicious code before they are added to software projects to curb supply chain attacks. The two ...
dbta

Sonar Ushers in Support for Third-Party, Open Source Code Analysis and Security

Sonar, the leading provider of integrated code quality and code security solutions, is unveiling SonarQube Advanced Security, a significant advancement in code security which will soon be available.
The Next Web

Hackers breached the European Commission by poisoning the security tool it used to protect itself

CERT-EU attributed a 92 GB data breach at the European Commission to TeamPCP, which compromised the Trivy security scanner in ...
SDxCentral

Cisco source code breach leaks AI projects and AWS credentials

While Cisco breaches often center around hardware and legacy vulnerabilities, a 2024 attack saw an actor download certain ...