The ShinyHunters extortion group claims to have stolen over 1.5 billion Salesforce records from 760 companies using compromised Salesloft Drift OAuth tokens.

Take Sonatype Nexus Repository Cloud for a spin and see how it securely stores all your development tools and optimizes build ...

The raise coincides with MetalBear being named a Gartner Cool Vendor in Container Management, marking another milestone as enterprises seek ways to streamline development in an era when artificial ...

Dozens of npm libraries, including a color library with over 2 million downloads a week, have been replaced with novel ...

CodeRabbit's $60M funding highlights enterprise need for AI code review platforms, with organizations seeing 25% efficiency ...

Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack. The coordinated ...

The novel malware strain is being dubbed Shai-Hulud — after the name for the giant sandworms in Frank Herbert’s Dune novel ...

FileFix phishing attack in June 2025 delivers StealC malware via Bitbucket images, bypassing detection with obfuscation.

The new group relies on data theft and encryption, but coding errors in its ransom note routine expose weaknesses that ...

Cursor is an AI-powered fork of Visual Studio Code, which supports a feature called Workspace Trust to allow developers to ...

Qix is an open source maintainer account that was compromised by a phishing attack. This allowed attackers to infect 18 popular npm packages with malicious code. Together, these packages are ...

Koi Security Inc., a startup providing cybersecurity for enterprise endpoints, announced Wednesday it raised $48 million in ...