Crypto Briefing

Google expands CodeMender access to compete with Anthropic’s Mythos in AI security race

Google opens CodeMender API access externally, letting security experts test its AI code vulnerability agent as it competes ...

GitHub confirms breach of 3,800 repos via malicious VSCode extension

GitHub has confirmed that roughly 3,800 internal repositories were breached after one of its employees installed a malicious ...
SecurityWeek

GitHub Confirms Hack Impacting 3,800 Internal Repositories

GitHub has confirmed that roughly 3,800 internal repositories were hacked after an employee installed an infected VS Code ...
InfoWorld

9 application security startups combating AI risks

AI is collapsing the security boundaries between code, pipeline, and runtime. These startups are racing to fill the gaps.
Infosecurity Magazine

GitHub Confirms Breach of Internal Repositories Via Malicious VS Code Extension

The Microsoft-owed software developer platform, GitHub, has confirmed a third-party has gained unauthorized access to 3800 ...
Tech Xplore

Crashes with consequences: Serial code-reuse attack SFOP breaks Intel CET in Linux

A code-reuse attack named "Segmentation Fault Oriented Programming (SFOP)" exploits weaknesses in signal handling and Intel ...

Lenexa gate codes exposed online; expert shares safety steps

The city said the data was “inadvertently available online” and primarily consisted of emergency gate access codes used by ...

How To Mitigate The Microsoft Windows BitLocker ‘Angry Hacker’ 0-Day

Following the release of a BitLocker zero-day security bypass by a disgruntled hacker, Microsoft has now offered mitigation ...

Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing

The Tycoon2FA phishing kit now supports device-code phishing attacks and abuses Trustifi click-tracking URLs to hijack ...
SecurityWeek

Unpatched ChromaDB Vulnerability Can Lead to Server Takeover

An unpatched vulnerability in ChromaDB could be exploited without authentication for remote code execution and server ...

1Password extends OpenAI collaboration with Codex MCP server for just-in-time credential access

Cybersecurity and password service provider 1Password LLC today expanded its collaboration with OpenAI Group PBC, releasing a ...

OpenAI And 1Password Bring Password Security To Codex

OpenAI and 1Password unveil a partnership that will provide Codex with secure access to credentials as part of new approach ...