devsecops

Why writing software has become dangerous today

• devsecops

Why writing software has become dangerous today

Zaid Al Hamami June 5, 2026

There’s just more code than ever and developers can’t verify everything – we need to make all...

Read More Read more about Why writing software has become dangerous today

Organizations knowingly ship vulnerable code amid shrinking exploit windows

• devsecops

Organizations knowingly ship vulnerable code amid shrinking exploit windows

SC Staff May 22, 2026

New research from Checkmarx reveals that 75% of organizations admit to frequently or sometimes deploying code they...

Read More Read more about Organizations knowingly ship vulnerable code amid shrinking exploit windows

Vibe coding has cybersecurity asking what AI can — and can’t — replace

• aiml
• application-security
• devsecops
• generative-ai

Vibe coding has cybersecurity asking what AI can — and can’t — replace

Laura French May 11, 2026

Cyber pros balance hype, skepticism and uncertainty as AI coding disrupts industry norms.

Read More Read more about Vibe coding has cybersecurity asking what AI can — and can’t — replace

Canvas, Shai-Hulud, QuasarRat, 0Days, Anthropic, Aaran Leyland, and EU Compliance! – SWN #579

• devsecops
• supply-chain

Canvas, Shai-Hulud, QuasarRat, 0Days, Anthropic, Aaran Leyland, and EU Compliance! – SWN #579

Aaran Leyland May 8, 2026

Read More Read more about Canvas, Shai-Hulud, QuasarRat, 0Days, Anthropic, Aaran Leyland, and EU Compliance! – SWN #579

LiteLLM exploited within 36 hours of disclosure via SQL injection bug

• aiml
• application-security
• devsecops
• generative-ai

LiteLLM exploited within 36 hours of disclosure via SQL injection bug

Steve Zurier April 29, 2026

Latest case was the second time in five weeks the Python package was exploited.

Read More Read more about LiteLLM exploited within 36 hours of disclosure via SQL injection bug

Checkmarx supply chain hack impacts Bitwarden CLI

• devsecops
• identity
• supply-chain
• threat-intelligence

Checkmarx supply chain hack impacts Bitwarden CLI

SC Staff April 24, 2026

Bitwarden CLI was reported by Socket and JFrog researchers to have been affected by the TeamPCP-linked supply...

Read More Read more about Checkmarx supply chain hack impacts Bitwarden CLI

Ring the alarm! Your IT security program has a mobile-app gap

• aiml
• application-security
• devsecops

Ring the alarm! Your IT security program has a mobile-app gap

Paul Wagenseil April 23, 2026

As mobile apps take over the digital landscape, securing them effectively is essential.

Read More Read more about Ring the alarm! Your IT security program has a mobile-app gap

Flaw in Microsoft-owned GitHub repository allowed RCE via issue submission

• application-security
• devsecops
• supply-chain
• vulnerability-management

Flaw in Microsoft-owned GitHub repository allowed RCE via issue submission

Laura French April 22, 2026

Attackers could have extracted a GITHUB_TOKEN secret, potentially enabling unauthorized changes.

Read More Read more about Flaw in Microsoft-owned GitHub repository allowed RCE via issue submission

Aikido Security launches Endpoint to secure AI development and mitigate supply chain attacks

• aiml
• devsecops
• security-operations
• supply-chain

Aikido Security launches Endpoint to secure AI development and mitigate supply chain attacks

SC Staff April 21, 2026

Endpoint aims to provide enterprises with visibility and control over software packages, development environments, browser extensions, and...

Read More Read more about Aikido Security launches Endpoint to secure AI development and mitigate supply chain attacks

Vercel incident falls short of a supply chain attack — for now

• ai-benefitsrisks
• devsecops
• identity

Vercel incident falls short of a supply chain attack — for now

Steve Zurier April 20, 2026

Experts say Vercel case was a trust and authentication boundary failure, but not an attack on the...

Read More Read more about Vercel incident falls short of a supply chain attack — for now