Chainguard is racing to fix trust in AI-built software - here's how

Chainguard is racing to fix trust in AI-built software - here's how ...
InfoQ

Java 26 Delivers Language Innovation, Library Improvements, Performance and Security

Oracle has released version 26 of the Java programming language and virtual machine. As the first non-LTS release since JDK ...

CISA orders feds to patch max-severity Cisco flaw by Sunday

The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch a maximum-severity vulnerability, CVE-2026-20131, in Cisco Secure Firewall Management Center (FMC) by ...
Dark Reading

Interlock Ransomware Targets Cisco Enterprise Firewalls

The ransomware gang, known for double-extortion attacks, had access to a critical Cisco firewall vulnerability weeks before ...

Vibe Coding Has A Massive Security Problem

Vibe coding apps ship with alarming security flaws. What founders need to know about AI-generated code vulnerabilities in ...

Trivy vulnerability scanner breach pushed infostealer via GitHub Actions

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...

OpenClaw, the Fastest-Adopted Software Ever, Is Also a Security Blind Spot

OpenClaw is already running inside enterprises, often unnoticed. Learn why banning it fails and how CISOs must shift to ...
The Hacker News

Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure

Langflow CVE-2026-33017 exploited in 20 hours after disclosure, enabling RCE via exec(), exposing systems before patching cycles.
Human Rights Watch

China: Cybercrime Bill Entrenches Censorship, Surveillance

The Chinese government’s proposed law to combat cybercrime extends far beyond addressing legitimate legal concerns and contains sweeping provisions that pose a significant threat to human rights.
Cybernews

Malicious campaign targeting vulnerable OpenWebUI servers: technical analysis

During an investigation into exposed OpenWebUI servers, the Cybernews research team identified a malicious campaign targeting vulnerable OpenWebUI servers with cryptocurrency miners and Info Stealers.