INFO

Detectify brings AppSec automation to AI agents with MCP Server and continuous testing

Help Net Security • May 26, 2026

HIGH

Organizations knowingly ship vulnerable code amid shrinking exploit windows

SC Media • May 22, 2026

HIGH

TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack

The Hacker News • May 11, 2026

INFO

Bridging the Gap to Autonomous Fixes: Snyk and Atlassian Unveil Intelligent Remediation for Jira

Snyk • Apr 29, 2026

INFO

AI is reshaping DevSecOps to bring security closer to the code

CSO Online • Apr 27, 2026

LOW

Aikido Security launches Endpoint to secure AI development and mitigate supply chain attacks

SC Media • Apr 21, 2026

CRITICAL

New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released

The Hacker News • Apr 14, 2026

CRITICAL

Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access

The Hacker News • Apr 07, 2026

INFO

The State of Trusted Open Source Report

The Hacker News • Apr 02, 2026

HIGH

Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks

The Hacker News • Mar 27, 2026

INFO

Chainguard locks down CI/CD with secure-by-default actions

Help Net Security • Mar 17, 2026

CRITICAL

OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues

The Hacker News • Mar 07, 2026

LOW

Your dependencies are 278 days out of date and your pipelines aren’t protected

Help Net Security • Mar 02, 2026

INFO

Anthropic Launches Claude Code Security for AI-Powered Vulnerability Scanning

The Hacker News • Feb 21, 2026

INFO

Why the shift left dream has become a nightmare for security and developers

BleepingComputer • Feb 20, 2026

INFO

From Exposure to Exploitation: How AI Collapses Your Response Window

The Hacker News • Feb 19, 2026

INFO

Snyk and Cline: Securing the Future of Autonomous Coding

Snyk • Feb 18, 2026

INFO

The new paradigm for raising up secure software engineers

CSO Online • Feb 18, 2026

INFO

Weaving Security into the Flow: New Snyk Studio Capabilities Power the AI Security Fabric

Snyk • Feb 17, 2026

INFO

Vault Radar 2025 recap: Expanding visibility, deepening integration, and simplifying security

HashiCorp Blog • Feb 16, 2026

INFO

Product engineering teams must own supply chain risk

Reddit r/netsec • Feb 15, 2026

LOW

npm’s Update to Harden Their Supply Chain, and Points to Consider

The Hacker News • Feb 13, 2026

INFO

Black Duck expands Polaris platform with unified, automated security across all major SCMs

Help Net Security • Feb 12, 2026

INFO

Aqua Security: Built for This Moment

Aqua Security • Feb 12, 2026

INFO

Automaker Secures the Supply Chain With Developer-Friendly Platform

Dark Reading • Feb 10, 2026

INFO

How Duke Energy enforces cloud security at scale with Terraform & Vault, and 6 lessons

HashiCorp Blog • Feb 09, 2026

INFO

Armis Centrix brings unified, AI-driven application security to the SDLC

Help Net Security • Feb 10, 2026

INFO

The Engineer's Guide to Elastic Detections as Code

Elastic Security Labs • Feb 04, 2026

INFO

New OSS secret scanner: Kingfisher (Rust) validates exposed creds + maps permissions

Reddit r/netsec • Feb 07, 2026

INFO

Tool: AST-based security scanner for AI-generated code (MCP server)

Reddit r/netsec • Feb 06, 2026

INFO

Making the Most of Your Docker Hardened Images Enterprise Trial – Part 3

Docker Blog • Jan 25, 2026

INFO

Seven habits that help security teams reduce risk without slowing delivery

The Register Security • Jan 29, 2026