TMCnet

Chainguard Launches Commercial Builds with Industry Leaders, Setting a New Standard for Verifiable, Zero-Vulnerability Software

Azul, Chainloop, Elastic, Expanso, F5 NGINX, Grafana Labs, Mattermost, Nirmata, Percona, Smallstep, and Tiger Data trust Chainguard for verifiably secure software with zero known ...
TMCnet

Chainguard Launches the First Unified Repository for Secure-by-Default Open Source Artifacts

AI coding tools and autonomous agents are generating more code, pulling in more dependencies, and interacting with open source at a scale humans have never seen before," said Dan Lorenc, CEO and ...

LeakNet ransomware uses ClickFix and Deno runtime for stealthy attacks

The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a ...
InfoQ

QCon London 2026: From Prompt to Production: How Spotify Builds Internal Tools in Days with AI

At QCon London 2016, engineers from Spotify presented how the company accelerates internal tool development using its ...
InfoQ

Elastic Releases Version 9.3.0 With Enhanced AI Tools and OTel Support

Elastic 9.3.0 is now available, featuring enhanced vector search indexing for RAG applications and significant upgrades to ...
Hosted on MSN

Multiple mental health apps riddled with high severity security flaws

Oversecured found 1,500 vulnerabilities across 10 mental health apps with over 14 million downloads Exposed therapy transcripts, mood logs, medication schedules, and other sensitive data Therapy ...

Development Environment: Eclipse IDE 2026-03 enhances Java refactoring

The quarterly release of Eclipse IDE 2026-03 brings some new features alongside bug fixes, such as the Java refactoring function "Convert Class to Record".

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...

Slay the Spire 2 devs have a radical stance on piracy

The popular roguelike deckbuilder is made in Godot, and the engine makes a difference when it comes to game development and piracy ...

Book review: How French imperialism in India was linked to the slave trade

In his new book, Glorious Failure, Robert Ivermee shakes the notion that French colonialism in India was benign, and ...