Explore Static Application Security Testing and its role in spotting vulnerabilities in an AI-driven coding landscape.

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.

Security researchers from Georgia Tech have observed a surge in reported CVEs for which the flaw was introduced by ...

Anthropic exposed Claude Code source on npm, revealing internal architecture, hidden features, model codenames, and fresh ...

AI isn’t just getting really good at coding, but it’s also able to find decades-old bugs in systems designed by some of ...

Hundreds of thousands of lines of code were exposed, giving researchers insight into upcoming models and internal ...

2026 OSSRA report highlights the rapidly expanding attack surface and abrupt rise in open source vulnerabilities and license conflicts in commercial codebases Based on analysis of 947 codebases across ...

ProjectDiscovery, winner of the 2025 RSAC Innovation Sandbox, today announced the commercial launch of Neo, an advanced security testing platform that autonomously performs end-to-end penetration ...

Offensive cybersecurity firm Theori Inc. today announced the commercial availability of Xint Code, a new large language model-native static application security testing or SAST tool capable of ...

A pair of security vulnerabilities discovered in the GitHub environments of two very popular open source projects from Apache and Google could be used to stealthily modify project source code, steal ...

Malicious code continues to be uploaded to open source repositories, making it a challenge for responsible developers to trust what’s there, and for CISOs to trust applications that include open ...