GitHub's source code is allegedly on sale online. Hackers claim that they will release it for free if they don't find a buyer ...

CertiK today launched CertiK Skill Scanner, a security product that evaluates third-party AI Skills before execution. The ...

The AI company's Bumblebee tool tackles your most urgent question after any supply‑chain advisory: Do your programmers have ...

Microsoft’s GitHub has suffered what appears to be its biggest ever security breach after confirming that attackers ...

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

Bumblebee from Perplexity scans developer machines for compromised packages and AI tool configs, without triggering malware.

Perplexity has released Bumblebee, an open-source security scanner for developer machines that helps detect risky packages ...

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to ...

GitHub confirms breach of 3,800 internal repos after employee installs poisoned VS Code extension - SiliconANGLE ...

A GitHub employee installed a routine VS Code extension update, handed cybercrime group TeamPCP enough access to exfiltrate ...

TeamPCP is an increasingly notorious group of cybercriminals that carry out software supply chain attacks, where hundreds of ...

Shannon Lite, the autonomous white-box penetration testing tool built by San Francisco-based Keygraph, shipped version 1.2.0 ...