OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues
OpenAI on Friday began rolling out Codex Security, an artificial intelligence (AI)-powered security agent that's designed to find, validate,…
Anthropic Launches Claude Code Security for AI-Powered Vulnerability Scanning
Artificial intelligence (AI) company Anthropic has begun to roll out a new security feature for Claude Code that can scan a user's software…
From Exposure to Exploitation: How AI Collapses Your Response Window
We’ve all seen this before: a developer deploys a new cloud workload and grants overly broad permissions just to keep the sprint moving.…
npm’s Update to Harden Their Supply Chain, and Points to Consider
In December 2025, in response to the Sha1-Hulud incident, npm completed a major authentication overhaul intended to reduce supply-chain…
Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection
A critical security flaw has been disclosed in LangChain Core that could be exploited by an attacker to steal sensitive secrets and even…
PhantomRaven Malware Found in 126 npm Packages Stealing GitHub Tokens From Devs
Cybersecurity researchers have uncovered yet another active software supply chain attack campaign targeting the npm registry with over 100…
Cloud-Native Security in 2025: Why Runtime Visibility Must Take Center Stage
The security landscape for cloud-native applications is undergoing a profound transformation. Containers, Kubernetes, and serverless…