News

Self-propagating supply chain attack hits 187 npm packages

Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack. The coordinated ...

Stop waiting on NVD — get real-time vulnerability alerts now

Vulnerabilities are discovered daily—but not every alert matters. SecAlerts pulls from 100+ sources for faster, real-time ...

Endpoint cybersecurity firm Koi raises $48M to stop attacks against enterprise networks

Koi Security Inc., a startup providing cybersecurity for enterprise endpoints, announced Wednesday it raised $48 million in ...
TechCrunch

Ox Security lands a fresh $60M to scan for vulnerabilities in code

As “vibe coding” gains in popularity and tech companies push devs in their employ to embrace generative AI tools, a platform that scans for vulnerabilities in AI-generated code has raised a fresh ...
Computer Weekly

Open source security and sustainability remain unsolved problem

While software bills of materials offer some transparency over software components, they don’t solve the imbalance between ...