Computer Weekly

Boost cooks up SmokedMeat, open source framework for CI/CD pipelines protection

Boost Security has announced SmokedMeat, an open source red team framework for CI/CD pipelines that shows how attackers ...
InfoQ

Open Source Security Tool Trivy Hit by Supply Chain Attack, Prompting Urgent Industry Response

A major security incident affecting the widely used open source vulnerability scanner Trivy has exposed critical weaknesses in software supply chain security, after maintainers confirmed that a ...
Dark Reading

Claude Source Code Leak Highlights Big Supply Chain Missteps

Sophisticated cyberattacks targeting a variety of open source projects, including the Trivy security-scanner project, the widely used Axios Javascript package, and now Anthropic's accidental ...