Betterleaks, a new open-source secrets scanner to replace Gitleaks

A new open-source tool called Betterleaks can scan directories, files, and git repositories and identify valid secrets using ...
InfoQ

AI-Powered Bot Compromises GitHub Actions Workflows Across Microsoft, DataDog, and CNCF Projects

AI-powered bot hackerbot-claw exploited GitHub Actions workflows across Microsoft, DataDog, and CNCF projects over 7 days using 5 attack techniques. Bot achieved RCE in 5 of 7 targets, stole GitHub ...

For March, Patch Tuesday delivers fixes for 83 vulnerabilities

In addition to rolling out patches to address two zero-days affecting SQL Server and .NET, Microsoft introduced Common Log ...
InfoQ

AWS Launches Managed Openclaw on Lightsail amid Critical Security Vulnerabilities

AWS launched managed OpenClaw on Lightsail for AI agent deployment while security concerns mount. The 250k-star GitHub project is affected by CVE-2026-25253, which enables one-click RCE, with 17,500+ ...

New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.
Field & Stream

We Tested Dog Training Collars in the Field—These Are the 8 Best

A young waterfowling friend recently got a German shorthair and asked me what kind of upland shotgun he should buy so he could take his dog hunting. I said, “That’s the wrong question. You’ve already ...