InfoQ

Open Source Security Tool Trivy Hit by Supply Chain Attack, Prompting Urgent Industry Response

A major security incident affecting the widely used open source vulnerability scanner Trivy has exposed critical weaknesses ...
The Next Web

Hackers breached the European Commission by poisoning the security tool it used to protect itself

CERT-EU attributed a 92 GB data breach at the European Commission to TeamPCP, which compromised the Trivy security scanner in ...
Developer Tech

AI code scanners halt Internet Bug Bounty payouts

The Internet Bug Bounty program has paused new submissions, citing a massive expansion in vulnerability discovery by AI code ...
SiliconANGLE

Seal Security raises $13M to scale automated open-source vulnerability remediation

Israeli cybersecurity startup Seal Cybersecurity Solutions Inc. today revealed that it has raised $13 million in new funding to accelerate its go-to-market efforts and expand its core vulnerability ...

ProjectDiscovery Launches Neo, an Advanced Security Testing Platform That Finds and Proves Real Vulnerabilities

ProjectDiscovery, winner of the 2025 RSAC Innovation Sandbox, today announced the commercial launch of Neo, an advanced security testing platform that autonomously performs end-to-end penetration ...
The Hacker News

Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks

Open VSX bug misread scanner failures as clean results, letting malicious VS Code extensions go live before patch in v0.32.0.
Dark Reading

Claude Source Code Leak Highlights Big Supply Chain Missteps

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.