The Hacker News

Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks

Open VSX bug misread scanner failures as clean results, letting malicious VS Code extensions go live before patch in v0.32.0.
Mena FN

Open Source Scanning Sector Report: Market Competition And Outlook

(MENAFN- EIN Presswire) EINPresswire/ -- "The open source scanning market has emerged as a critical component of modern software security, reflecting the increasing reliance on open source code across ...
The Hacker News

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across ...