InfoQ

GitHub Enhances CodeQL with Declarative Security Modeling for Faster, More Flexible Analysis

GitHub has introduced a significant update to its CodeQL engine, enabling developers to define custom sanitizers and ...
Bleeping Computer

GitHub adds AI-powered bug detection to expand security coverage

GitHub is adopting AI-based scanning for its Code Security tool to expand vulnerability detections beyond the CodeQL static analysis and cover more languages and frameworks. The developer ...
The Hacker News

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials

DEEP#DOOR embeds a Python RAT in a dropper script, using bore[.]pub C2 to steal credentials and evade Windows defenses, ...
The Hacker News

Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack

Checkmarx data surfaced after March 23, 2026 supply chain attack, prompting repository lockdown and investigation, raising ...
Phys.org

Developing optical vortex phase masks for the detection of habitable worlds

A team of NASA researchers is developing new types of optical masks that could help enable the many orders of magnitude of starlight suppression needed for future space observatories to pick out very ...

One command turns any open-source repo into an AI agent backdoor. OpenClaw proved no supply-chain scanner has a detection category for it

CLI-Anything generates SKILL.md files that AI agents trust and execute. Snyk found 13.4% of agent skills contain critical ...