Cloudflare has outlined a reference architecture for scaling Model Context Protocol (MCP) deployments across the enterprise, positioning centralized governance, remote server infrastructure, and...

The Cloud Native Computing Foundation (CNCF) and Kusari have announced a new collaboration aimed at strengthening software supply chain security across cloud-native projects, providing free access...

We’re launching across the developer and security community this week on Product Hunt and Hacker News. If you’ve been following AI security, we’d love your support and your feedback.  At Mozilla,...

亚马逊云科技推出Amazon Security Agent按需渗透测试功能，支持多种云环境，提升安全测试速度和覆盖范围，成本低于人工测试，降低风险暴露。

A major security incident affecting the widely used open source vulnerability scanner Trivy has exposed critical weaknesses in software supply chain security, after maintainers confirmed that a...

Soroosh Khodami discusses why we aren't ready for the next Log4Shell. He shares live demos of dependency confusion and compromised builds, explaining how minor oversights gift hackers total system...

Version 4.0 of the open source Kubernetes security platform Kubescape has been released, bringing runtime threat detection and a new set of AI-era security features. This is the first time the...

Enterprises that grant excessive access permissions to AI systems experience 4.5 times as many security incidents as those that do not, according to The 2026 State of AI in Enterprise...

Shana Dacres-Lawrence explains the complex relationship between security and architecture, identifying three types of "betrayal" - physical, emotional, and trust - that lead to systemic failure....

The panelists discuss the dramatic escalation of software supply chain threats, from typosquatting to AI-generated vulnerabilities. They explain how to move beyond basic scanning by adopting a...

There was a flurry of activity in the Spring ecosystem during the week of March 16th, 2026, highlighting the third milestone releases of: Spring Boot, Spring Security, Spring Integration, Spring...

This is a critical moment for open source software. AI enables new contributors in new ways, but maintainers are also faced with an unprecedented volume of contributions and security reports. This...