Chainguard is expanding beyond open-source security to protect open-core software, AI agent skills, and GitHub Actions.

GhostClaw, a macOS infostealer, is spreading through GitHub repositories and developer tools, and it works because routine ...

Do you really need custom context files for every repository?

Boost Security Developer Endpoint Security has been engineered to address this gap by securing the developer environment directly, embedding protection into the tools, agents and workflows where code ...

Boost Security today announced Boost Security Developer Endpoint Security, a new platform designed to secure the rapidly expanding attack surface created by AI-powered software development. The ...

As cloud infrastructure scales, organizations must move toward systems where policy automatically corrects misconfigurations ...

New private repository secures the AI-driven development boom by grounding LLMs in a library of 79 million vetted, rebuilt-from-source components VANCOUVER, BC, March 17, 2026 /PRNewswire/ -- ...

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

Open-source projects form much of the foundation of modern software, with many systems used in the industry relying on code written and maintained by volunteers or small teams. Those maintainers often ...

The Glassworm campaign has compromised over 151 GitHub repositories and npm packages using invisible Unicode payloads that ...

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.

Rumor mill: OpenAI is reportedly developing a code-hosting platform designed to compete with GitHub, which is owned by Microsoft. According to The Information, the project is still in its early stages ...