Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across developer systems.

Spread the loveThe cybersecurity landscape has been shaken by a significant supply chain attack involving the popular Trivy vulnerability scanner, a tool widely used in DevOps environments. Developed ...

If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ Trivy maintainer says.

The flaw could allow attackers to bypass Nuclei’s template signature verification process to inject malicious codes into host systems. A widely popular open-source tool, Nuclei, used for scanning ...

OpenAI unveiled Codex Security on Friday, an advanced application security tool that detects complex software vulnerabilities ...

Aqua Security, a pioneer in cloud native security and the primary maintainer of Aqua Trivy, is launching the Trivy Partner Connect Program, expanding the commercial ecosystem around Trivy, an open ...

Codex Security, formerly Aardvark⁠, has found hundreds of critical vulnerabilities in tested software in the past month.

BOSTON and TEL AVIV, Israel, July 31, 2025 (GLOBE NEWSWIRE) -- Aqua Security, the pioneer in cloud native security and primary maintainer of Trivy, today announced that Root has joined the Trivy ...

Earlier this month, open-source security innovator TuxCare launched an in-memory vulnerability scanner for Linux-native environments. TuxCare Radar is a Linux-first vulnerability scanner that cuts ...

Peter Steinberger took to X to call out GitHub’s security vulnerability reporting process, calling it a “mess,” after he helped build OpenClaw into one of the fastest-growing projects and one of the ...

While Claude already finds over 100 vulnerabilities in Firefox, OpenAI announces Codex Security, an AI vulnerability scanner.