GitHub stories

Orca Security warns that AI credentials, vulnerable dependencies and lax pipeline controls are leaving production environments exposed across US and Europe.

Cursor 3 rebuilds the coding workspace around AI agents, adding cross-repository collaboration, cloud handoffs and review tools for developers.

Kestra secures USD $25 million from RTP Global to launch Kestra 2.0, roll out Kestra Cloud and expand in North America and Europe.

Liquibase rolls out AI-backed database governance and deployment connectors for ServiceNow, GitHub, Harness and Terraform to improve auditability.

Aerospike adds durable memory for LangGraph agents to keep context through restarts, failures and concurrent sessions.

NetRise unveils Provenance, a tool to trace open source maintainers and stop risky dependencies before they spread through software.

Mimecast chief warns human risk is now cybersecurity's 'eighth layer' as malicious insiders overtake negligence in Australian attacks.

Veracode unveils an AI-driven tool that automatically fixes open-source vulnerabilities, tackling mounting security debt in software supply chains.

Aqua Security's Trivy GitHub Action was hijacked to ship infostealer code via CI/CD pipelines, exposing secrets across downstream users.

SpecterOps broadens BloodHound Enterprise to map identity attack paths across Okta, GitHub and Jamf-managed Macs in hybrid environments.

Entro launches AGA to map, monitor and control AI agents in enterprises, tackling shadow AI and non-human identity risks at scale.

Cobalt launches Security Program Manager service to run enterprise pentesting, align tests with business goals and speed up remediation.

North Korean IT workers using Western collaborators and fake identities are infiltrating remote jobs to funnel foreign salaries home.

ThoughtSpot rolls out Spotter for Industries, AI analytics agents tuned to sector rules to close the “context gap” in enterprise decisions.

AI-fuelled coding drives record 29 million hardcoded secrets on GitHub in 2025, with leaks from AI tools and services surging sharply.

1Password unveils Unified Access to secure AI agents and machine credentials, promising endpoint-to-agent visibility for security teams.

GitHub joins tech giants in a USD $12.5 million Alpha-Omega push, boosting AI-powered defences for critical open source software.

Linux Foundation wins USD $12.5m from tech giants to bolster AI-era open source security and ease pressure on overstretched maintainers.

VAST Data unveils Foundation Stacks, turning NVIDIA AI Blueprints into production-ready pipelines on its AI Operating System.

VAST Data unveils Foundation Stacks, open-source pipelines turning NVIDIA AI Blueprints into production-ready workflows on its AI OS.