SecurityWeek

Vulnerabilities Patched in CrowdStrike, Tenable Products

CrowdStrike and Tenable informed customers this week about potentially serious vulnerabilities found and patched in their ...
SecurityWeek

Bitwarden NPM Package Hit in Supply Chain Attack

The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.
The Hacker News

LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure

CVE-2026-33626 exploited within 13 hours of disclosure, enabling SSRF-based cloud credential theft and internal scanning.
InfoWorld

Is your Node.js project really secure?

Node.js does not need more theatrical security output. It needs better developer workflow infrastructure. It needs tools that ...
CSO Online

Microsoft taps Anthropic’s Mythos to strengthen secure software development

Microsoft plans to integrate Anthropic’s Mythos AI model into its Security Development Lifecycle, a move that suggests ...
CSO Online

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java ...

GitLab Extends Agentic AI with New Automated Security Remediation, Pipeline Setup, and Delivery Analytics

GitLab 18.11 helps address those gaps with platform-native agents that have access to the code, pipelines, issues, and ...

The invisible shield: How AI is quietly protecting the software that runs your life

Last week, something alarming happened in the world of software — and almost nobody outside the tech industry noticed. A ...

Claude Mythos and Project Glasswing: why an AI superhacker has the tech world on alert

A new AI model could automate the process of searching for cybersecurity bugs and flaws – for better or worse.
TMCnet

Azul Shows That Mean Time to Exploit Java Vulnerabilities Drops to Five Days

Azul, the trusted leader in enterprise Java for today's AI and cloud-first world, today highlighted growing security risks for enterprises relying on free, unsupported Java runtimes. Azul demonstrated ...
InfoQ

Cloudflare Adds Active API Vulnerability Scanning to Its Edge

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...