Open source maintainers are right to be concerned about AI slop, but banning AI-generated code outright is a huge mistake.
Cordyceps, a systemic class of exploitable CI/CD vulnerabilities, allows unauthenticated attackers to hijack developer ...
Hannah Dacayanan of UnitedLex discusses ways in which automated software composition analysis tools identify open source ...
When AI-assisted vulnerability discovery makes it dramatically easier to identify weaknesses hidden inside modern dependency ...
Block deployed the Builderbot agent framework across its codebase to automate complex cross-service software development ...
Chainguard is expanding Repository with new policy controls, malware and greyware scanning, and support for Java, Python, and container artifacts, helping organizations govern software consumption ...
Microsoft shut down dozens of GitHub code repositories for Azure and AI coding tools after a reported hack.
Apache® Magpie provides open source maintainers with platform infrastructure for agent-assisted repository maintainership. Wilmington, DE, June 30, 2026 (GLOBE NEWSWIRE) -- The Apache Software ...
Researchers found Cordyceps CI/CD flaws affecting 300+ repositories, enabling code execution, credential theft, and supply ...
Microsoft GitHub hack hit open-source AI tools, exposing developer passwords and cloud credentials. Here’s why SA tech teams ...
Malicious apps got into the Arch User Repository - how to protect yourself ...
A variant of the infamous Shai-Hulud worm wreaked havoc on Microsoft's code repositories, triggering disruptions to CI/CD workflows and heightening concerns about increasing software supply chain ...