The Hacker News

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across developer systems.

Securing the Code Factory: Why SDLC Infrastructure Has Become a Core Cloud Risk

For years, software security focused on the final product: the code that ships. Today, attackers are increasingly targeting ...

Chainguard is racing to fix trust in AI-built software - here's how

Chainguard is expanding beyond open-source security to protect open-core software, AI agent skills, and GitHub Actions.

Anthropic just shipped an OpenClaw killer called Claude Code Channels, letting you message it over Telegram and Discord

The consensus among early adopters is that Anthropic has successfully internalized the most desirable features of the open-source movement—multi-channel support and long-term memory ...

Keycard Releases Runtime Governance for Autonomous Coding Agents

Keycard will be showcasing Keycard for Coding Agents in its booth #2351 at Moscone South Expo at RSA. "We wanted our ...
TMCnet

Boost Security Launches Developer Endpoint Security to Secure AI-Driven Software Development at the Source

Boost Security today announced Boost Security Developer Endpoint Security, a new platform designed to secure the rapidly expanding attack surface created by AI-powered software development. The ...

Security Policy Is Already Code—We Just Don’t Treat It That Way

As cloud infrastructure scales, organizations must move toward systems where policy automatically corrects misconfigurations ...
Hackaday

Forgetfulino Puts Back Up Of Source Inside The Binary

How often have you pulled out old MCU-based project that still works fine, but you have no idea where the original source ...

ActiveState Launches Curated Catalogs to Neutralize Security Risks in AI-Generated Code

New private repository secures the AI-driven development boom by grounding LLMs in a library of 79 million vetted, rebuilt-from-source components VANCOUVER, BC, March 17, 2026 /PRNewswire/ -- ...

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

Why Garry Tan’s Claude Code setup has gotten so much love, and hate

Thousands of people are trying Garry Tan's Claude Code setup, which was shared on GitHub. And everyone has an opinion: even ...
Developer Tech

OpenAI offers free AI coding tools to open-source maintainers

Open-source projects form much of the foundation of modern software, with many systems used in the industry relying on code written and maintained by volunteers or small teams. Those maintainers often ...