Chainguard, the trusted source for open source, today announced it has expanded Chainguard Libraries coverage across Python, Java, and JavaScript, with customers seeing 94% coverage across the Python ...

Endor Labs launches AURI, a free security platform that embeds directly into AI coding assistants like Cursor and Claude to catch vulnerabilities in AI-generated code before they ship to production.

Software today is built at a speed and scale we’ve never seen before. Teams release updates weekly, sometimes daily, and they ...

The ActiveState catalog grew to 40 million components in mid 2025 when it introduced coverage for Java and R in addition to Python, Perl, Ruby, and Tcl. As of January 2026, the company has expanded ...

Container instances. Calling docker run on an OCI image results in the allocation of system resources to create a ...

Report claims more vulnerabilities created than fixed as remediation gap widens Veracode has posted its annual State of ...

Eighty-seven percent of organizations have at least one exploitable software vulnerability in production, affecting 40% of ...

Discovery is getting cheaper. Validation and patching aren’t What good is finding a hole if you can't fix it? Anthropic last week talked up Claude Code's improved ability to find software ...

The npm registry now includes Socket security analysis links directly on package pages to help developers assess supply chain risks.

In the AI developer boom, some of the most important battlegrounds are not glamorous models or splashy chatbots. They are the quiet pipes that keep modern coding tools fed and up to date.

France and Germany build sovereign platforms on open foundations using global standards. The risk is procurement that ...