Part of the SD Times 100 2026 series. See the full SD Times 100 2026 list for every category and honoree. Application security has spent years maturing around a relatively stable assumption: a human ...
DSpark can make decoding faster, but acceptance quality still determines how much speed the system actually realizes.
Open-source agentic coding model Ornith-1.0, released today under the MIT license, uses a self-improving reinforcement ...
Vibe coding’s dark side, “vibe hacking,” is on the rise. Cybersecurity companies such as McAfee and Bitdefender have observed ...
Veracode is a mature application security platform used by many enterprises to find, manage, and remediate software risk. Its ...
Patch the Planet’ pairs automated analysis with expert review to uncover and remediate vulnerabilities in core infrastructure ...
The Miasma credential-stealing attack framework, which has recently targeted open-source ecosystems through supply-chain attacks, was briefly open-sourced on GitHub. Miasma appears to be an evolution ...
Picture this scenario: An Anthropic Skill scanner runs a full analysis of a Skill pulled from ClawHub or skills.sh. Its markdown instructions are clean, and no prompt injection is detected. No shell ...
TeamPCP is weaponizing the fruits of its extensive supply chain attacks, using stolen credentials to access cloud and software-as-a-service (SaaS) environments. The threat group this month compromised ...
GitHub is adopting AI-based scanning for its Code Security tool to expand vulnerability detections beyond the CodeQL static analysis and cover more languages and frameworks. The developer ...
The acquisition of Promptfoo, which counts more than 125,000 developers and 30-plus Fortune 500 companies among its users, is OpenAI’s most direct move yet into AI application security. Its technology ...
AI agents able to submit huge numbers of pull requests (PRs) to open-source project maintainers risk creating the conditions for future supply chain attacks targeting important software projects, ...